1 /*
2 * Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package com.sun.security.jgss;
27
28 /**
29 * Attribute types that can be specified as an argument of
30 * {@link com.sun.security.jgss.ExtendedGSSContext#inquireSecContext}
31 */
32 @jdk.Exported
33 public enum InquireType {
34 /**
35 * Attribute type for retrieving the session key of an established
36 * Kerberos 5 security context. The returned object is an instance of
37 * {@link java.security.Key}, which has the following properties:
38 * <ul>
39 * <li>Algorithm: enctype as a string, where
40 * enctype is defined in RFC 3961, section 8.
41 * <li>Format: "RAW"
42 * <li>Encoded form: the raw key bytes, not in any ASN.1 encoding
43 * </ul>
44 * @deprecated as of 1.9, replaced by {@link #KRB5_GET_SESSION_KEY_EX}
45 * which returns an instance of
46 * {@link javax.security.auth.kerberos.EncryptionKey}
47 * that implements the {@link javax.crypto.SecretKey} interface and
48 * has similar methods with {@link javax.security.auth.kerberos.KerberosKey}.
49 */
50 @Deprecated
51 KRB5_GET_SESSION_KEY,
52 /**
53 * Attribute type for retrieving the session key of an
54 * established Kerberos 5 security context. The return value is an
55 * instance of {@link javax.security.auth.kerberos.EncryptionKey}.
56 *
57 * @since 1.9
58 */
59 KRB5_GET_SESSION_KEY_EX,
60 /**
61 * Attribute type for retrieving the service ticket flags of an
62 * established Kerberos 5 security context. The returned object is
63 * a boolean array for the service ticket flags, which is long enough
64 * to contain all true bits. This means if the user wants to get the
65 * <em>n</em>'th bit but the length of the returned array is less than
66 * <em>n</em>, it is regarded as false.
67 */
68 KRB5_GET_TKT_FLAGS,
69 /**
70 * Attribute type for retrieving the authorization data in the
71 * service ticket of an established Kerberos 5 security context.
72 * Only supported on the acceptor side.
73 */
74 KRB5_GET_AUTHZ_DATA,
75 /**
76 * Attribute type for retrieving the authtime in the service ticket
77 * of an established Kerberos 5 security context. The returned object
78 * is a String object in the standard KerberosTime format defined in
79 * RFC 4120 Section 5.2.3.
80 */
81 KRB5_GET_AUTHTIME,
82 /**
83 * Attribute type for retrieving the KRB_CRED message that an initiator
84 * is about to send to an acceptor. The return type is an instance of
85 * {@link javax.security.auth.kerberos.KerberosCredMessage}.
86 *
87 * @since 1.9
88 */
89 KRB5_GET_KRB_CRED,
90 }