Example #1
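 /**
  * Exports this security context as an inter-process token, when the provider allows it.
  *
  * <p>Export is only performed when the mechanism context reports itself transferable and its
  * provider is named "SunNativeGSS"; in every other case {@code null} is returned, which is
  * the historical behaviour of this method.
  *
  * <p>NOTE(review): the token comes straight from the mechanism's {@code export()}. GSS-API
  * inter-process tokens generally carry the established context state, so callers should
  * presumably treat the returned bytes as sensitive and hand them only to a trusted process.
  *
  * @return the exported token, or {@code null} when export is not permitted
  * @throws GSSException with {@code NO_CONTEXT} when no mechanism context exists yet, or
  *     whatever the mechanism raises while exporting
  */
 public byte[] export() throws GSSException {
   // Fail with a GSS error instead of a NullPointerException when nothing has been
   // established or imported yet.
   if (mechCtxt == null) {
     throw new GSSException(GSSException.NO_CONTEXT);
   }
   // Only allow context export from the native provider, since JGSS
   // still has not defined its own inter-process token format.
   boolean exportable =
       mechCtxt.isTransferable() && mechCtxt.getProvider().getName().equals("SunNativeGSS");
   // Defaults to null to match old behavior.
   return exportable ? mechCtxt.export() : null;
 }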
Example #2
  /**
   * Returns the credential obtained from the mechanism context's {@code getDelegCred()},
   * wrapped in a {@code GSSCredentialImpl}.
   *
   * <p>NOTE(review): a delegated credential presumably lets the holder act on behalf of the
   * peer that delegated it; callers should scope and dispose of it accordingly.
   *
   * @return the wrapped delegated credential, or {@code null} when the mechanism has none
   * @throws GSSException with {@code NO_CONTEXT} when no mechanism context exists yet
   */
  public GSSCredential getDelegCred() throws GSSException {
    if (mechCtxt == null) {
      throw new GSSExceptionImpl(GSSException.NO_CONTEXT, "No mechanism context yet!");
    }
    GSSCredentialSpi delegated = mechCtxt.getDelegCred();
    if (delegated == null) {
      return null;
    }
    return new GSSCredentialImpl(gssManager, delegated);
  }
Example #3
 /**
  * Marks this context as deleted, disposes of the mechanism context if there is one, and drops
  * the references to the credential and both names.
  *
  * <p>The state is switched to {@code DELETED} before the mechanism is asked to dispose. If
  * that call throws, the fields below it are left as they were.
  *
  * @throws GSSException if the mechanism context fails to dispose
  */
 public void dispose() throws GSSException {
   currentState = DELETED;
   if (mechCtxt != null) {
     mechCtxt.dispose();
   }
   // Reached only when dispose() did not throw; a no-op when there was no context.
   mechCtxt = null;
   targName = null;
   srcName = null;
   myCred = null;
 }
Example #4
 /**
  * Returns a mechanism-specific attribute of this security context.
  *
  * <p>When a security manager is installed, the caller must hold an
  * {@code InquireSecContextPermission} named after {@code type}. The permission check runs
  * before the context-existence check, so an unprivileged caller is rejected regardless of the
  * context's state.
  *
  * @param type the attribute being requested
  * @return whatever the mechanism context returns for {@code type}
  * @throws GSSException with {@code NO_CONTEXT} when no mechanism context exists yet
  */
 @Override
 public Object inquireSecContext(InquireType type) throws GSSException {
   final SecurityManager sm = System.getSecurityManager();
   if (sm != null) {
     sm.checkPermission(new InquireSecContextPermission(type.toString()));
   }
   if (mechCtxt != null) {
     return mechCtxt.inquireSecContext(type);
   }
   throw new GSSException(GSSException.NO_CONTEXT);
 }
Example #5
 /**
  * Verifies a message integrity code over a byte-array message by delegating to the mechanism
  * context.
  *
  * <p>The offsets and lengths are passed through unchanged; no bounds checking is done in this
  * method.
  *
  * @param inTok buffer holding the MIC token
  * @param tokOffset start of the token within {@code inTok}
  * @param tokLen length of the token
  * @param inMsg buffer holding the message the token was computed over
  * @param msgOffset start of the message within {@code inMsg}
  * @param msgLen length of the message
  * @param msgProp message properties handed to the mechanism
  * @throws GSSException with {@code NO_CONTEXT} when no mechanism context exists yet, or
  *     whatever the mechanism raises
  */
 public void verifyMIC(
     byte[] inTok,
     int tokOffset,
     int tokLen,
     byte[] inMsg,
     int msgOffset,
     int msgLen,
     MessageProp msgProp)
     throws GSSException {
   if (mechCtxt == null) {
     throw new GSSExceptionImpl(GSSException.NO_CONTEXT, "No mechanism context yet!");
   }
   mechCtxt.verifyMIC(inTok, tokOffset, tokLen, inMsg, msgOffset, msgLen, msgProp);
 }
Example #6
 /**
  * Returns the integrity state: the mechanism context's value when one exists, otherwise the
  * value that was requested on this object.
  *
  * <p>Before a mechanism context exists the result is only the request, not something the
  * peer has agreed to, so it should not drive a security decision.
  */
 public boolean getIntegState() {
   return mechCtxt != null ? mechCtxt.getIntegState() : reqIntegState;
 }
Example #7
 /**
  * Returns the confidentiality state: the mechanism context's value when one exists, otherwise
  * the value that was requested on this object.
  *
  * <p>Before a mechanism context exists the result is only the request, not something the
  * peer has agreed to, so it should not drive a security decision.
  */
 public boolean getConfState() {
   return mechCtxt != null ? mechCtxt.getConfState() : reqConfState;
 }
Example #8
 /**
  * Returns the mechanism context's {@code isProtReady()} answer, or {@code false} when no
  * mechanism context exists yet.
  */
 public boolean isProtReady() {
   return mechCtxt != null && mechCtxt.isProtReady();
 }
Example #9
 /**
  * Returns the mechanism context's {@code isTransferable()} answer, or {@code false} when no
  * mechanism context exists yet.
  *
  * @throws GSSException if the mechanism context raises one
  */
 public boolean isTransferable() throws GSSException {
   return mechCtxt != null && mechCtxt.isTransferable();
 }
Example #10
 /**
  * Returns the anonymity state: the mechanism context's value when one exists, otherwise the
  * value that was requested on this object.
  *
  * <p>Before a mechanism context exists the result is only the request, not a negotiated
  * property.
  */
 public boolean getAnonymityState() {
   return mechCtxt != null ? mechCtxt.getAnonymityState() : reqAnonState;
 }
Example #11
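  /**
   * Runs one initiator-side step of context establishment: consumes the peer's token from
   * {@code inStream} (if any) and writes the next outgoing token to {@code outStream}.
   *
   * <p>On the first call the mechanism context is created from the target name, the credential
   * element for {@code mechOid} (if a credential was supplied) and the requested options. On
   * later calls the GSS header of the incoming token is parsed and its mechanism OID must match
   * the one fixed on the first call. The header is neither parsed nor emitted for the
   * "SunNativeGSS" provider; for SPNEGO it is emitted only with the first token.
   *
   * <p>NOTE(review): the mechanism-token length read from the peer's header is forwarded to the
   * mechanism without a bound being applied here; the mechanism presumably validates it.
   *
   * @param inStream stream positioned at the peer's token
   * @param outStream stream that receives the outgoing token, when there is one
   * @return the number of bytes written to {@code outStream} (header plus mechanism token), or
   *     0 when the mechanism produced no token
   * @throws GSSException with {@code FAILURE} when a context exists but is not in progress,
   *     with {@code DEFECTIVE_TOKEN} when the header names another mechanism or an I/O error
   *     occurs, or whatever the mechanism raises
   */
  public int initSecContext(InputStream inStream, OutputStream outStream) throws GSSException {

    if (mechCtxt != null && currentState != IN_PROGRESS) {
      throw new GSSExceptionImpl(GSSException.FAILURE, "Illegal call to initSecContext");
    }

    int inTokenLen = -1;
    boolean firstToken = false;

    try {
      if (mechCtxt == null) {
        GSSCredentialSpi credElement = null;
        if (myCred != null) {
          try {
            credElement = myCred.getElement(mechOid, true);
          } catch (GSSException ge) {
            // For SPNEGO with no matching credential, fall back to the element of the
            // credential's first mechanism; any other failure is propagated.
            if (GSSUtil.isSpNegoMech(mechOid) && ge.getMajor() == GSSException.NO_CRED) {
              credElement = myCred.getElement(myCred.getMechs()[0], true);
            } else {
              throw ge;
            }
          }
        }
        GSSNameSpi nameElement = targName.getElement(mechOid);
        mechCtxt = gssManager.getMechanismContext(nameElement, credElement, reqLifetime, mechOid);

        // Push every option requested on this object down to the new mechanism context.
        mechCtxt.requestConf(reqConfState);
        mechCtxt.requestInteg(reqIntegState);
        mechCtxt.requestCredDeleg(reqCredDelegState);
        mechCtxt.requestMutualAuth(reqMutualAuthState);
        mechCtxt.requestReplayDet(reqReplayDetState);
        mechCtxt.requestSequenceDet(reqSequenceDetState);
        mechCtxt.requestAnonymity(reqAnonState);
        mechCtxt.setChannelBinding(channelBindings);
        mechCtxt.requestDelegPolicy(reqDelegPolicyState);

        objId = new ObjectIdentifier(mechOid.toString());

        currentState = IN_PROGRESS;
        firstToken = true;
      } else if (!(mechCtxt.getProvider().getName().equals("SunNativeGSS")
          || GSSUtil.isSpNegoMech(mechOid))) {
        // The GSS header is parsed here for everything except the native provider and SPNEGO.
        GSSHeader inHeader = new GSSHeader(inStream);
        if (!inHeader.getOid().equals((Object) objId)) {
          throw new GSSExceptionImpl(
              GSSException.DEFECTIVE_TOKEN,
              "Mechanism not equal to " + mechOid.toString() + " in initSecContext token");
        }
        inTokenLen = inHeader.getMechTokenLength();
      }

      byte[] obuf = mechCtxt.initSecContext(inStream, inTokenLen);

      int retVal = 0;
      if (obuf != null) {
        retVal = obuf.length;
        // No GSS header for the native provider, nor for SPNEGO after its first token.
        boolean headerless =
            mechCtxt.getProvider().getName().equals("SunNativeGSS")
                || (!firstToken && GSSUtil.isSpNegoMech(mechOid));
        if (!headerless) {
          GSSHeader outHeader = new GSSHeader(objId, obuf.length);
          retVal += outHeader.encode(outStream);
        }
        outStream.write(obuf);
      }

      if (mechCtxt.isEstablished()) {
        currentState = READY;
      }

      return retVal;

    } catch (IOException e) {
      // Keep the I/O failure attached as the cause so the original stack trace is not lost.
      GSSExceptionImpl wrapped =
          new GSSExceptionImpl(GSSException.DEFECTIVE_TOKEN, e.getMessage());
      wrapped.initCause(e);
      throw wrapped;
    }
  }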
Example #12
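  /**
   * Runs one acceptor-side step of context establishment: consumes the peer's token from
   * {@code inStream} and writes the reply token, if any, to {@code outStream}.
   *
   * <p>On the first call the mechanism is taken from the GSS header of the incoming token, the
   * credential element for that mechanism is looked up (if a credential was supplied), and the
   * mechanism context is created. On later calls the header is parsed again and must name the
   * same mechanism, except for the "SunNativeGSS" provider and SPNEGO, where no header is
   * parsed or emitted after the first token.
   *
   * <p>NOTE(review): both the mechanism OID and the mechanism-token length on the first call
   * come from the not-yet-authenticated peer. Rejecting unsupported mechanisms and bounding the
   * length are presumably left to {@code gssManager.getMechanismContext} and to the mechanism.
   *
   * @param inStream stream positioned at the peer's token
   * @param outStream stream that receives the reply token, when there is one
   * @throws GSSException with {@code FAILURE} when a context exists but is not in progress,
   *     with {@code DEFECTIVE_TOKEN} when the header names another mechanism or an I/O error
   *     occurs, or whatever the mechanism raises
   */
  public void acceptSecContext(InputStream inStream, OutputStream outStream) throws GSSException {

    if (mechCtxt != null && currentState != IN_PROGRESS) {
      throw new GSSExceptionImpl(GSSException.FAILURE, "Illegal call to acceptSecContext");
    }

    int inTokenLen = -1;

    try {
      if (mechCtxt == null) {
        // mechOid will be null for an acceptor's context, so it is read from the token header.
        GSSHeader firstHeader = new GSSHeader(inStream);
        inTokenLen = firstHeader.getMechTokenLength();

        // Convert ObjectIdentifier to Oid.
        objId = firstHeader.getOid();
        mechOid = new Oid(objId.toString());

        GSSCredentialSpi credElement = null;
        if (myCred != null) {
          credElement = myCred.getElement(mechOid, false);
        }

        mechCtxt = gssManager.getMechanismContext(credElement, mechOid);
        mechCtxt.setChannelBinding(channelBindings);

        currentState = IN_PROGRESS;
      } else if (!(mechCtxt.getProvider().getName().equals("SunNativeGSS")
          || GSSUtil.isSpNegoMech(mechOid))) {
        // The GSS header is parsed here for everything except the native provider and SPNEGO.
        GSSHeader inHeader = new GSSHeader(inStream);
        if (!inHeader.getOid().equals((Object) objId)) {
          throw new GSSExceptionImpl(
              GSSException.DEFECTIVE_TOKEN,
              "Mechanism not equal to " + mechOid.toString() + " in acceptSecContext token");
        }
        inTokenLen = inHeader.getMechTokenLength();
      }

      byte[] obuf = mechCtxt.acceptSecContext(inStream, inTokenLen);

      if (obuf != null) {
        // No GSS header is added for the native provider or for SPNEGO.
        boolean headerless =
            mechCtxt.getProvider().getName().equals("SunNativeGSS")
                || GSSUtil.isSpNegoMech(mechOid);
        if (!headerless) {
          GSSHeader outHeader = new GSSHeader(objId, obuf.length);
          outHeader.encode(outStream);
        }
        outStream.write(obuf);
      }

      if (mechCtxt.isEstablished()) {
        currentState = READY;
      }
    } catch (IOException e) {
      // Keep the I/O failure attached as the cause so the original stack trace is not lost.
      GSSExceptionImpl wrapped =
          new GSSExceptionImpl(GSSException.DEFECTIVE_TOKEN, e.getMessage());
      wrapped.initCause(e);
      throw wrapped;
    }
  }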
Example #13
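 /**
  * Returns the target name of this context, fetching it from the mechanism context and
  * caching it on first use when it was not already set.
  *
  * @return the target name
  * @throws GSSException with {@code NO_CONTEXT} when the name is not yet known and no
  *     mechanism context exists to ask, or whatever the mechanism raises
  */
 public GSSName getTargName() throws GSSException {
   if (targName == null) {
     // Without a mechanism context there is nothing to ask; report that as a GSS error
     // instead of failing with a NullPointerException.
     if (mechCtxt == null) {
       throw new GSSException(GSSException.NO_CONTEXT);
     }
     targName = GSSNameImpl.wrapElement(gssManager, mechCtxt.getTargName());
   }
   return targName;
 }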
Example #14
 /**
  * Returns the lifetime reported by the mechanism context when one exists, otherwise the
  * lifetime that was requested on this object.
  */
 public int getLifetime() {
   return mechCtxt != null ? mechCtxt.getLifetime() : reqLifetime;
 }
Example #15
 /**
  * Verifies a message integrity code read from streams by delegating to the mechanism
  * context.
  *
  * @param tokStream stream supplying the MIC token
  * @param msgStream stream supplying the message the token was computed over
  * @param msgProp message properties handed to the mechanism
  * @throws GSSException with {@code NO_CONTEXT} when no mechanism context exists yet, or
  *     whatever the mechanism raises
  */
 public void verifyMIC(InputStream tokStream, InputStream msgStream, MessageProp msgProp)
     throws GSSException {
   if (mechCtxt == null) {
     throw new GSSExceptionImpl(GSSException.NO_CONTEXT, "No mechanism context yet!");
   }
   mechCtxt.verifyMIC(tokStream, msgStream, msgProp);
 }
Example #16
 /**
  * Produces a message integrity code for the message on {@code inStream} and writes it to
  * {@code outStream}, by delegating to the mechanism context.
  *
  * @param inStream stream supplying the message
  * @param outStream stream that receives the MIC token
  * @param msgProp message properties handed to the mechanism
  * @throws GSSException with {@code NO_CONTEXT} when no mechanism context exists yet, or
  *     whatever the mechanism raises
  */
 public void getMIC(InputStream inStream, OutputStream outStream, MessageProp msgProp)
     throws GSSException {
   if (mechCtxt == null) {
     throw new GSSExceptionImpl(GSSException.NO_CONTEXT, "No mechanism context yet!");
   }
   mechCtxt.getMIC(inStream, outStream, msgProp);
 }
Example #17
 /**
  * Produces a message integrity code for a byte-array message by delegating to the mechanism
  * context. The offset and length are passed through unchanged; no bounds checking is done in
  * this method.
  *
  * @param inMsg buffer holding the message
  * @param offset start of the message within {@code inMsg}
  * @param len length of the message
  * @param msgProp message properties handed to the mechanism
  * @return the MIC token produced by the mechanism
  * @throws GSSException with {@code NO_CONTEXT} when no mechanism context exists yet, or
  *     whatever the mechanism raises
  */
 public byte[] getMIC(byte[] inMsg, int offset, int len, MessageProp msgProp) throws GSSException {
   if (mechCtxt == null) {
     throw new GSSExceptionImpl(GSSException.NO_CONTEXT, "No mechanism context yet!");
   }
   return mechCtxt.getMIC(inMsg, offset, len, msgProp);
 }
Example #18
 /**
  * Wraps a byte-array message by delegating to the mechanism context. The offset and length
  * are passed through unchanged; no bounds checking is done in this method.
  *
  * <p>NOTE(review): whether the result is actually encrypted is presumably reported back
  * through {@code msgProp}; callers that need confidentiality should check it after the call.
  *
  * @param inBuf buffer holding the message
  * @param offset start of the message within {@code inBuf}
  * @param len length of the message
  * @param msgProp message properties handed to the mechanism
  * @return the wrapped token produced by the mechanism
  * @throws GSSException with {@code NO_CONTEXT} when no mechanism context exists yet, or
  *     whatever the mechanism raises
  */
 public byte[] wrap(byte inBuf[], int offset, int len, MessageProp msgProp) throws GSSException {
   if (mechCtxt == null) {
     throw new GSSExceptionImpl(GSSException.NO_CONTEXT, "No mechanism context yet!");
   }
   return mechCtxt.wrap(inBuf, offset, len, msgProp);
 }
Example #19
 /**
  * Asks the mechanism context for its wrap size limit with the given parameters.
  *
  * @param qop quality-of-protection value handed to the mechanism
  * @param confReq whether confidentiality is requested
  * @param maxTokenSize the maximum token size handed to the mechanism
  * @return the limit reported by the mechanism
  * @throws GSSException with {@code NO_CONTEXT} when no mechanism context exists yet, or
  *     whatever the mechanism raises
  */
 public int getWrapSizeLimit(int qop, boolean confReq, int maxTokenSize) throws GSSException {
   if (mechCtxt == null) {
     throw new GSSExceptionImpl(GSSException.NO_CONTEXT, "No mechanism context yet!");
   }
   return mechCtxt.getWrapSizeLimit(qop, confReq, maxTokenSize);
 }
Example #20
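 /**
  * Returns the source name of this context, fetching it from the mechanism context and
  * caching it on first use when it was not already set.
  *
  * @return the source name
  * @throws GSSException with {@code NO_CONTEXT} when the name is not yet known and no
  *     mechanism context exists to ask, or whatever the mechanism raises
  */
 public GSSName getSrcName() throws GSSException {
   if (srcName == null) {
     // Without a mechanism context there is nothing to ask; report that as a GSS error
     // instead of failing with a NullPointerException.
     if (mechCtxt == null) {
       throw new GSSException(GSSException.NO_CONTEXT);
     }
     srcName = GSSNameImpl.wrapElement(gssManager, mechCtxt.getSrcName());
   }
   return srcName;
 }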
Example #21
 /**
  * Returns the credential-delegation state: the mechanism context's value when one exists,
  * otherwise the value that was requested on this object.
  *
  * <p>Before a mechanism context exists the result is only the request, not a negotiated
  * property.
  */
 public boolean getCredDelegState() {
   return mechCtxt != null ? mechCtxt.getCredDelegState() : reqCredDelegState;
 }
Example #22
 /**
  * Returns the mechanism OID reported by the mechanism context when one exists, otherwise the
  * OID stored on this object (which may not have been set yet).
  *
  * @throws GSSException if the mechanism context raises one
  */
 public Oid getMech() throws GSSException {
   return mechCtxt != null ? mechCtxt.getMech() : mechOid;
 }
Example #23
 /**
  * Returns the mutual-authentication state: the mechanism context's value when one exists,
  * otherwise the value that was requested on this object.
  *
  * <p>Before a mechanism context exists the result is only the request. It does not show that
  * the peer has been authenticated.
  */
 public boolean getMutualAuthState() {
   return mechCtxt != null ? mechCtxt.getMutualAuthState() : reqMutualAuthState;
 }
Example #24
 /**
  * Returns the replay-detection state: the mechanism context's value when one exists,
  * otherwise the value that was requested on this object.
  *
  * <p>Before a mechanism context exists the result is only the request, not a negotiated
  * property.
  */
 public boolean getReplayDetState() {
   return mechCtxt != null ? mechCtxt.getReplayDetState() : reqReplayDetState;
 }
Example #25
 /**
  * Returns the sequence-detection state: the mechanism context's value when one exists,
  * otherwise the value that was requested on this object.
  *
  * <p>Before a mechanism context exists the result is only the request, not a negotiated
  * property.
  */
 public boolean getSequenceDetState() {
   return mechCtxt != null ? mechCtxt.getSequenceDetState() : reqSequenceDetState;
 }
Example #26
 /**
  * Returns the delegation-policy state: the mechanism context's value when one exists,
  * otherwise the value that was requested on this object.
  *
  * <p>Before a mechanism context exists the result is only the request, not a negotiated
  * property.
  */
 @Override
 public boolean getDelegPolicyState() {
   return mechCtxt != null ? mechCtxt.getDelegPolicyState() : reqDelegPolicyState;
 }
Example #27
 /**
  * Creates a GSSContextImpl out of a previously exported GSSContext.
  *
  * <p>The token is handed as-is to {@code gssManager.getMechanismContext}; the initiator flag
  * and mechanism OID are then read back from the resulting mechanism context. No validation of
  * the token happens in this constructor.
  *
  * <p>NOTE(review): the token is presumably the output of {@code export()} and should only be
  * accepted from a trusted source, since it recreates an established context. Also note that
  * {@code currentState} is not assigned here.
  *
  * @param gssManager the manager used to rebuild the mechanism context
  * @param interProcessToken the exported context token
  * @throws GSSException if the mechanism context cannot be rebuilt from the token
  * @see #isTransferable
  */
 public GSSContextImpl(GSSManagerImpl gssManager, byte[] interProcessToken) throws GSSException {
   this.gssManager = gssManager;
   this.mechCtxt = gssManager.getMechanismContext(interProcessToken);
   this.initiator = this.mechCtxt.isInitiator();
   this.mechOid = this.mechCtxt.getMech();
 }