Back to index...

	/*
	* Copyright (c) 2000, 2009, Oracle and/or its affiliates. All rights reserved.
	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
	*
	* This code is free software; you can redistribute it and/or modify it
	* under the terms of the GNU General Public License version 2 only, as
	* published by the Free Software Foundation. Oracle designates this
	* particular file as subject to the "Classpath" exception as provided
	* by Oracle in the LICENSE file that accompanied this code.
	*
	* This code is distributed in the hope that it will be useful, but WITHOUT
	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	* version 2 for more details (a copy is included in the LICENSE file that
	* accompanied this code).
	*
	* You should have received a copy of the GNU General Public License version
	* 2 along with this work; if not, write to the Free Software Foundation,
	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
	*
	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
	* or visit www.oracle.com if you need additional information or have any
	* questions.
	*/

	package sun.security.jgss;

	import org.ietf.jgss.*;
	import sun.security.jgss.spi.*;
	import sun.security.util.ObjectIdentifier;
	import java.io.InputStream;
	import java.io.OutputStream;
	import java.io.ByteArrayInputStream;
	import java.io.ByteArrayOutputStream;
	import java.io.IOException;
	import com.sun.security.jgss.*;

	/**
	* This class represents the JGSS security context and its associated
	* operations. JGSS security contexts are established between
	* peers using locally established credentials. Multiple contexts
	* may exist simultaneously between a pair of peers, using the same
	* or different set of credentials. The JGSS is independent of
	* the underlying transport protocols and depends on its callers to
	* transport the tokens between peers.
	* <p>
	* The context object can be thought of as having 3 implicit states:
	* before it is established, during its context establishment, and
	* after a fully established context exists.
	* <p>
	* Before the context establishment phase is initiated, the context
	* initiator may request specific characteristics desired of the
	* established context. These can be set using the set methods. After the
	* context is established, the caller can check the actual characteristic
	* and services offered by the context using the query methods.
	* <p>
	* The context establishment phase begins with the first call to the
	* initSecContext method by the context initiator. During this phase the
	* initSecContext and acceptSecContext methods will produce GSS-API
	* authentication tokens which the calling application needs to send to its
	* peer. The initSecContext and acceptSecContext methods may
	* return a CONTINUE_NEEDED code which indicates that a token is needed
	* from its peer in order to continue the context establishment phase. A
	* return code of COMPLETE signals that the local end of the context is
	* established. This may still require that a token be sent to the peer,
	* depending if one is produced by GSS-API. The isEstablished method can
	* also be used to determine if the local end of the context has been
	* fully established. During the context establishment phase, the
	* isProtReady method may be called to determine if the context can be
	* used for the per-message operations. This allows implementation to
	* use per-message operations on contexts which aren't fully established.
	* <p>
	* After the context has been established or the isProtReady method
	* returns "true", the query routines can be invoked to determine the actual
	* characteristics and services of the established context. The
	* application can also start using the per-message methods of wrap and
	* getMIC to obtain cryptographic operations on application supplied data.
	* <p>
	* When the context is no longer needed, the application should call
	* dispose to release any system resources the context may be using.
	* <DL><DT><B>RFC 2078</b>
	* <DD>This class corresponds to the context level calls together with
	* the per message calls of RFC 2078. The gss_init_sec_context and
	* gss_accept_sec_context calls have been made simpler by only taking
	* required parameters. The context can have its properties set before
	* the first call to initSecContext. The supplementary status codes for the
	* per-message operations are returned in an instance of the MessageProp
	* class, which is used as an argument in these calls.</dl>
	*/
	class GSSContextImpl implements ExtendedGSSContext {

	private final GSSManagerImpl gssManager;
	private final boolean initiator;

	// private flags for the context state
	private static final int PRE_INIT = 1;
	private static final int IN_PROGRESS = 2;
	private static final int READY = 3;
	private static final int DELETED = 4;

	// instance variables
	private int currentState = PRE_INIT;

	private GSSContextSpi mechCtxt = null;
	private Oid mechOid = null;
	private ObjectIdentifier objId = null;

	private GSSCredentialImpl myCred = null;

	private GSSNameImpl srcName = null;
	private GSSNameImpl targName = null;

	private int reqLifetime = INDEFINITE_LIFETIME;
	private ChannelBinding channelBindings = null;

	private boolean reqConfState = true;
	private boolean reqIntegState = true;
	private boolean reqMutualAuthState = true;
	private boolean reqReplayDetState = true;
	private boolean reqSequenceDetState = true;
	private boolean reqCredDelegState = false;
	private boolean reqAnonState = false;
	private boolean reqDelegPolicyState = false;

	/**
	* Creates a GSSContextImp on the context initiator's side.
	*/
	public GSSContextImpl(GSSManagerImpl gssManager, GSSName peer, Oid mech,
	GSSCredential myCred, int lifetime)
	throws GSSException {
	if ((peer == null) \|\| !(peer instanceof GSSNameImpl)) {
	throw new GSSException(GSSException.BAD_NAME);
	}
	if (mech == null) mech = ProviderList.DEFAULT_MECH_OID;

	this.gssManager = gssManager;
	this.myCred = (GSSCredentialImpl) myCred; // XXX Check first
	reqLifetime = lifetime;
	targName = (GSSNameImpl)peer;
	this.mechOid = mech;
	initiator = true;
	}

	/**
	* Creates a GSSContextImpl on the context acceptor's side.
	*/
	public GSSContextImpl(GSSManagerImpl gssManager, GSSCredential myCred)
	throws GSSException {
	this.gssManager = gssManager;
	this.myCred = (GSSCredentialImpl) myCred; // XXX Check first
	initiator = false;
	}

	/**
	* Creates a GSSContextImpl out of a previously exported
	* GSSContext.
	*
	* @see #isTransferable
	*/
	public GSSContextImpl(GSSManagerImpl gssManager, byte[] interProcessToken)
	throws GSSException {
	this.gssManager = gssManager;
	mechCtxt = gssManager.getMechanismContext(interProcessToken);
	initiator = mechCtxt.isInitiator();
	this.mechOid = mechCtxt.getMech();
	}

	public byte[] initSecContext(byte inputBuf[], int offset, int len)
	throws GSSException {
	/*
	* Size of ByteArrayOutputStream will double each time that extra
	* bytes are to be written. Usually, without delegation, a GSS
	* initial token containing the Kerberos AP-REQ is between 400 and
	* 600 bytes.
	*/
	ByteArrayOutputStream bos = new ByteArrayOutputStream(600);
	ByteArrayInputStream bin =
	new ByteArrayInputStream(inputBuf, offset, len);
	int size = initSecContext(bin, bos);
	return (size == 0? null : bos.toByteArray());
	}

	public int initSecContext(InputStream inStream,
	OutputStream outStream) throws GSSException {

	if (mechCtxt != null && currentState != IN_PROGRESS) {
	throw new GSSExceptionImpl(GSSException.FAILURE,
	"Illegal call to initSecContext");
	}

	GSSHeader gssHeader = null;
	int inTokenLen = -1;
	GSSCredentialSpi credElement = null;
	boolean firstToken = false;

	try {
	if (mechCtxt == null) {
	if (myCred != null) {
	try {
	credElement = myCred.getElement(mechOid, true);
	} catch (GSSException ge) {
	if (GSSUtil.isSpNegoMech(mechOid) &&
	ge.getMajor() == GSSException.NO_CRED) {
	credElement = myCred.getElement
	(myCred.getMechs()[0], true);
	} else {
	throw ge;
	}
	}
	}
	GSSNameSpi nameElement = targName.getElement(mechOid);
	mechCtxt = gssManager.getMechanismContext(nameElement,
	credElement,
	reqLifetime,
	mechOid);
	mechCtxt.requestConf(reqConfState);
	mechCtxt.requestInteg(reqIntegState);
	mechCtxt.requestCredDeleg(reqCredDelegState);
	mechCtxt.requestMutualAuth(reqMutualAuthState);
	mechCtxt.requestReplayDet(reqReplayDetState);
	mechCtxt.requestSequenceDet(reqSequenceDetState);
	mechCtxt.requestAnonymity(reqAnonState);
	mechCtxt.setChannelBinding(channelBindings);
	mechCtxt.requestDelegPolicy(reqDelegPolicyState);

	objId = new ObjectIdentifier(mechOid.toString());

	currentState = IN_PROGRESS;
	firstToken = true;
	} else {
	if (mechCtxt.getProvider().getName().equals("SunNativeGSS") \|\|
	GSSUtil.isSpNegoMech(mechOid)) {
	// do not parse GSS header for native provider or SPNEGO
	// mech
	} else {
	// parse GSS header
	gssHeader = new GSSHeader(inStream);
	if (!gssHeader.getOid().equals((Object) objId))
	throw new GSSExceptionImpl
	(GSSException.DEFECTIVE_TOKEN,
	"Mechanism not equal to " +
	mechOid.toString() +
	" in initSecContext token");
	inTokenLen = gssHeader.getMechTokenLength();
	}
	}

	byte[] obuf = mechCtxt.initSecContext(inStream, inTokenLen);

	int retVal = 0;

	if (obuf != null) {
	retVal = obuf.length;
	if (mechCtxt.getProvider().getName().equals("SunNativeGSS") \|\|
	(!firstToken && GSSUtil.isSpNegoMech(mechOid))) {
	// do not add GSS header for native provider or SPNEGO
	// except for the first SPNEGO token
	} else {
	// add GSS header
	gssHeader = new GSSHeader(objId, obuf.length);
	retVal += gssHeader.encode(outStream);
	}
	outStream.write(obuf);
	}

	if (mechCtxt.isEstablished())
	currentState = READY;

	return retVal;

	} catch (IOException e) {
	throw new GSSExceptionImpl(GSSException.DEFECTIVE_TOKEN,
	e.getMessage());
	}
	}

	public byte[] acceptSecContext(byte inTok[], int offset, int len)
	throws GSSException {

	/*
	* Usually initial GSS token containing a Kerberos AP-REP is less
	* than 100 bytes.
	*/
	ByteArrayOutputStream bos = new ByteArrayOutputStream(100);
	acceptSecContext(new ByteArrayInputStream(inTok, offset, len),
	bos);
	byte[] out = bos.toByteArray();
	return (out.length == 0) ? null : out;
	}

	public void acceptSecContext(InputStream inStream,
	OutputStream outStream) throws GSSException {

	if (mechCtxt != null && currentState != IN_PROGRESS) {
	throw new GSSExceptionImpl(GSSException.FAILURE,
	"Illegal call to acceptSecContext");
	}

	GSSHeader gssHeader = null;
	int inTokenLen = -1;
	GSSCredentialSpi credElement = null;

	try {
	if (mechCtxt == null) {
	// mechOid will be null for an acceptor's context
	gssHeader = new GSSHeader(inStream);
	inTokenLen = gssHeader.getMechTokenLength();

	/*
	* Convert ObjectIdentifier to Oid
	*/
	objId = gssHeader.getOid();
	mechOid = new Oid(objId.toString());
	// System.out.println("Entered GSSContextImpl.acceptSecContext"
	// + " with mechanism = " + mechOid);
	if (myCred != null) {
	credElement = myCred.getElement(mechOid, false);
	}

	mechCtxt = gssManager.getMechanismContext(credElement,
	mechOid);
	mechCtxt.setChannelBinding(channelBindings);

	currentState = IN_PROGRESS;
	} else {
	if (mechCtxt.getProvider().getName().equals("SunNativeGSS") \|\|
	(GSSUtil.isSpNegoMech(mechOid))) {
	// do not parse GSS header for native provider and SPNEGO
	} else {
	// parse GSS Header
	gssHeader = new GSSHeader(inStream);
	if (!gssHeader.getOid().equals((Object) objId))
	throw new GSSExceptionImpl
	(GSSException.DEFECTIVE_TOKEN,
	"Mechanism not equal to " +
	mechOid.toString() +
	" in acceptSecContext token");
	inTokenLen = gssHeader.getMechTokenLength();
	}
	}

	byte[] obuf = mechCtxt.acceptSecContext(inStream, inTokenLen);

	if (obuf != null) {
	int retVal = obuf.length;
	if (mechCtxt.getProvider().getName().equals("SunNativeGSS") \|\|
	(GSSUtil.isSpNegoMech(mechOid))) {
	// do not add GSS header for native provider and SPNEGO
	} else {
	// add GSS header
	gssHeader = new GSSHeader(objId, obuf.length);
	retVal += gssHeader.encode(outStream);
	}
	outStream.write(obuf);
	}

	if (mechCtxt.isEstablished()) {
	currentState = READY;
	}
	} catch (IOException e) {
	throw new GSSExceptionImpl(GSSException.DEFECTIVE_TOKEN,
	e.getMessage());
	}
	}

	public boolean isEstablished() {
	if (mechCtxt == null)
	return false;
	else
	return (currentState == READY);
	}

	public int getWrapSizeLimit(int qop, boolean confReq,
	int maxTokenSize) throws GSSException {
	if (mechCtxt != null)
	return mechCtxt.getWrapSizeLimit(qop, confReq, maxTokenSize);
	else
	throw new GSSExceptionImpl(GSSException.NO_CONTEXT,
	"No mechanism context yet!");
	}

	public byte[] wrap(byte inBuf[], int offset, int len,
	MessageProp msgProp) throws GSSException {
	if (mechCtxt != null)
	return mechCtxt.wrap(inBuf, offset, len, msgProp);
	else
	throw new GSSExceptionImpl(GSSException.NO_CONTEXT,
	"No mechanism context yet!");
	}

	public void wrap(InputStream inStream, OutputStream outStream,
	MessageProp msgProp) throws GSSException {
	if (mechCtxt != null)
	mechCtxt.wrap(inStream, outStream, msgProp);
	else
	throw new GSSExceptionImpl(GSSException.NO_CONTEXT,
	"No mechanism context yet!");
	}

	public byte [] unwrap(byte[] inBuf, int offset, int len,
	MessageProp msgProp) throws GSSException {
	if (mechCtxt != null)
	return mechCtxt.unwrap(inBuf, offset, len, msgProp);
	else
	throw new GSSExceptionImpl(GSSException.NO_CONTEXT,
	"No mechanism context yet!");
	}

	public void unwrap(InputStream inStream, OutputStream outStream,
	MessageProp msgProp) throws GSSException {
	if (mechCtxt != null)
	mechCtxt.unwrap(inStream, outStream, msgProp);
	else
	throw new GSSExceptionImpl(GSSException.NO_CONTEXT,
	"No mechanism context yet!");
	}

	public byte[] getMIC(byte []inMsg, int offset, int len,
	MessageProp msgProp) throws GSSException {
	if (mechCtxt != null)
	return mechCtxt.getMIC(inMsg, offset, len, msgProp);
	else
	throw new GSSExceptionImpl(GSSException.NO_CONTEXT,
	"No mechanism context yet!");
	}

	public void getMIC(InputStream inStream, OutputStream outStream,
	MessageProp msgProp) throws GSSException {
	if (mechCtxt != null)
	mechCtxt.getMIC(inStream, outStream, msgProp);
	else
	throw new GSSExceptionImpl(GSSException.NO_CONTEXT,
	"No mechanism context yet!");
	}

	public void verifyMIC(byte[] inTok, int tokOffset, int tokLen,
	byte[] inMsg, int msgOffset, int msgLen,
	MessageProp msgProp) throws GSSException {
	if (mechCtxt != null)
	mechCtxt.verifyMIC(inTok, tokOffset, tokLen,
	inMsg, msgOffset, msgLen, msgProp);
	else
	throw new GSSExceptionImpl(GSSException.NO_CONTEXT,
	"No mechanism context yet!");
	}

	public void verifyMIC(InputStream tokStream, InputStream msgStream,
	MessageProp msgProp) throws GSSException {
	if (mechCtxt != null)
	mechCtxt.verifyMIC(tokStream, msgStream, msgProp);
	else
	throw new GSSExceptionImpl(GSSException.NO_CONTEXT,
	"No mechanism context yet!");
	}

	public byte[] export() throws GSSException {
	// Defaults to null to match old behavior
	byte[] result = null;
	// Only allow context export from native provider since JGSS
	// still has not defined its own interprocess token format
	if (mechCtxt.isTransferable() &&
	mechCtxt.getProvider().getName().equals("SunNativeGSS")) {
	result = mechCtxt.export();
	}
	return result;
	}

	public void requestMutualAuth(boolean state) throws GSSException {
	if (mechCtxt == null && initiator)
	reqMutualAuthState = state;
	}

	public void requestReplayDet(boolean state) throws GSSException {
	if (mechCtxt == null && initiator)
	reqReplayDetState = state;
	}

	public void requestSequenceDet(boolean state) throws GSSException {
	if (mechCtxt == null && initiator)
	reqSequenceDetState = state;
	}

	public void requestCredDeleg(boolean state) throws GSSException {
	if (mechCtxt == null && initiator)
	reqCredDelegState = state;
	}

	public void requestAnonymity(boolean state) throws GSSException {
	if (mechCtxt == null && initiator)
	reqAnonState = state;
	}

	public void requestConf(boolean state) throws GSSException {
	if (mechCtxt == null && initiator)
	reqConfState = state;
	}

	public void requestInteg(boolean state) throws GSSException {
	if (mechCtxt == null && initiator)
	reqIntegState = state;
	}

	public void requestLifetime(int lifetime) throws GSSException {
	if (mechCtxt == null && initiator)
	reqLifetime = lifetime;
	}

	public void setChannelBinding(ChannelBinding channelBindings)
	throws GSSException {

	if (mechCtxt == null)
	this.channelBindings = channelBindings;

	}

	public boolean getCredDelegState() {
	if (mechCtxt != null)
	return mechCtxt.getCredDelegState();
	else
	return reqCredDelegState;
	}

	public boolean getMutualAuthState() {
	if (mechCtxt != null)
	return mechCtxt.getMutualAuthState();
	else
	return reqMutualAuthState;
	}

	public boolean getReplayDetState() {
	if (mechCtxt != null)
	return mechCtxt.getReplayDetState();
	else
	return reqReplayDetState;
	}

	public boolean getSequenceDetState() {
	if (mechCtxt != null)
	return mechCtxt.getSequenceDetState();
	else
	return reqSequenceDetState;
	}

	public boolean getAnonymityState() {
	if (mechCtxt != null)
	return mechCtxt.getAnonymityState();
	else
	return reqAnonState;
	}

	public boolean isTransferable() throws GSSException {
	if (mechCtxt != null)
	return mechCtxt.isTransferable();
	else
	return false;
	}

	public boolean isProtReady() {
	if (mechCtxt != null)
	return mechCtxt.isProtReady();
	else
	return false;
	}

	public boolean getConfState() {
	if (mechCtxt != null)
	return mechCtxt.getConfState();
	else
	return reqConfState;
	}

	public boolean getIntegState() {
	if (mechCtxt != null)
	return mechCtxt.getIntegState();
	else
	return reqIntegState;
	}

	public int getLifetime() {
	if (mechCtxt != null)
	return mechCtxt.getLifetime();
	else
	return reqLifetime;
	}

	public GSSName getSrcName() throws GSSException {
	if (srcName == null) {
	srcName = GSSNameImpl.wrapElement
	(gssManager, mechCtxt.getSrcName());
	}
	return srcName;
	}

	public GSSName getTargName() throws GSSException {
	if (targName == null) {
	targName = GSSNameImpl.wrapElement
	(gssManager, mechCtxt.getTargName());
	}
	return targName;
	}

	public Oid getMech() throws GSSException {
	if (mechCtxt != null) {
	return mechCtxt.getMech();
	}
	return mechOid;
	}

	public GSSCredential getDelegCred() throws GSSException {

	if (mechCtxt == null)
	throw new GSSExceptionImpl(GSSException.NO_CONTEXT,
	"No mechanism context yet!");
	GSSCredentialSpi delCredElement = mechCtxt.getDelegCred();
	return (delCredElement == null ?
	null : new GSSCredentialImpl(gssManager, delCredElement));
	}

	public boolean isInitiator() throws GSSException {
	return initiator;
	}

	public void dispose() throws GSSException {
	currentState = DELETED;
	if (mechCtxt != null) {
	mechCtxt.dispose();
	mechCtxt = null;
	}
	myCred = null;
	srcName = null;
	targName = null;
	}

	// ExtendedGSSContext methods:

	@Override
	public Object inquireSecContext(InquireType type) throws GSSException {
	SecurityManager security = System.getSecurityManager();
	if (security != null) {
	security.checkPermission(new InquireSecContextPermission(type.toString()));
	}
	if (mechCtxt == null) {
	throw new GSSException(GSSException.NO_CONTEXT);
	}
	return mechCtxt.inquireSecContext(type);
	}

	@Override
	public void requestDelegPolicy(boolean state) throws GSSException {
	if (mechCtxt == null && initiator)
	reqDelegPolicyState = state;
	}

	@Override
	public boolean getDelegPolicyState() {
	if (mechCtxt != null)
	return mechCtxt.getDelegPolicyState();
	else
	return reqDelegPolicyState;
	}
	}

Back to index...