1 /*
2 * Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package com.sun.security.jgss;
27
28 /**
29 * Attribute types that can be specified as an argument of
30 * {@link com.sun.security.jgss.ExtendedGSSContext#inquireSecContext}
31 */
32 public enum InquireType {
33 /**
34 * Attribute type for retrieving the session key of an established
35 * Kerberos 5 security context. The returned object is an instance of
36 * {@link java.security.Key}, which has the following properties:
37 * <ul>
38 * <li>Algorithm: enctype as a string, where
39 * enctype is defined in RFC 3961, section 8.
40 * <li>Format: "RAW"
41 * <li>Encoded form: the raw key bytes, not in any ASN.1 encoding
42 * </ul>
43 * @deprecated as of 1.9, replaced by {@link #KRB5_GET_SESSION_KEY_EX}
44 * which returns an instance of
45 * {@link javax.security.auth.kerberos.EncryptionKey}
46 * that implements the {@link javax.crypto.SecretKey} interface and
47 * has similar methods with {@link javax.security.auth.kerberos.KerberosKey}.
48 */
49 @Deprecated
50 KRB5_GET_SESSION_KEY,
51 /**
52 * Attribute type for retrieving the session key of an
53 * established Kerberos 5 security context. The return value is an
54 * instance of {@link javax.security.auth.kerberos.EncryptionKey}.
55 *
56 * @since 1.9
57 */
58 KRB5_GET_SESSION_KEY_EX,
59 /**
60 * Attribute type for retrieving the service ticket flags of an
61 * established Kerberos 5 security context. The returned object is
62 * a boolean array for the service ticket flags, which is long enough
63 * to contain all true bits. This means if the user wants to get the
64 * <em>n</em>'th bit but the length of the returned array is less than
65 * <em>n</em>, it is regarded as false.
66 */
67 KRB5_GET_TKT_FLAGS,
68 /**
69 * Attribute type for retrieving the authorization data in the
70 * service ticket of an established Kerberos 5 security context.
71 * Only supported on the acceptor side.
72 */
73 KRB5_GET_AUTHZ_DATA,
74 /**
75 * Attribute type for retrieving the authtime in the service ticket
76 * of an established Kerberos 5 security context. The returned object
77 * is a String object in the standard KerberosTime format defined in
78 * RFC 4120 Section 5.2.3.
79 */
80 KRB5_GET_AUTHTIME,
81 /**
82 * Attribute type for retrieving the KRB_CRED message that an initiator
83 * is about to send to an acceptor. The return type is an instance of
84 * {@link javax.security.auth.kerberos.KerberosCredMessage}.
85 *
86 * @since 1.9
87 */
88 KRB5_GET_KRB_CRED,
89 }