1 /*
   2  * Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package com.sun.security.jgss;
  27 
  28 /**
  29  * Attribute types that can be specified as an argument of
  30  * {@link com.sun.security.jgss.ExtendedGSSContext#inquireSecContext}
  31  */
  32 @jdk.Exported
  33 public enum InquireType {
  34     /**
  35      * Attribute type for retrieving the session key of an established
  36      * Kerberos 5 security context. The returned object is an instance of
  37      * {@link java.security.Key}, which has the following properties:
  38      *    <ul>
  39      *    <li>Algorithm: enctype as a string, where
  40      *        enctype is defined in RFC 3961, section 8.
  41      *    <li>Format: "RAW"
  42      *    <li>Encoded form: the raw key bytes, not in any ASN.1 encoding
  43      *    </ul>
  44      * @deprecated as of 9, replaced by {@link #KRB5_GET_SESSION_KEY_EX}
  45      * which returns an instance of
  46      * {@link javax.security.auth.kerberos.EncryptionKey}
  47      * that implements the {@link javax.crypto.SecretKey} interface and
  48      * has similar methods with {@link javax.security.auth.kerberos.KerberosKey}.
  49      */
  50     @Deprecated
  51     KRB5_GET_SESSION_KEY,
  52     /**
  53      * Attribute type for retrieving the session key of an
  54      * established Kerberos 5 security context. The return value is an
  55      * instance of {@link javax.security.auth.kerberos.EncryptionKey}.
  56      *
  57      * @since 9
  58      */
  59     KRB5_GET_SESSION_KEY_EX,
  60     /**
  61      * Attribute type for retrieving the service ticket flags of an
  62      * established Kerberos 5 security context. The returned object is
  63      * a boolean array for the service ticket flags, which is long enough
  64      * to contain all true bits. This means if the user wants to get the
  65      * <em>n</em>'th bit but the length of the returned array is less than
  66      * <em>n</em>, it is regarded as false.
  67      */
  68     KRB5_GET_TKT_FLAGS,
  69     /**
  70      * Attribute type for retrieving the authorization data in the
  71      * service ticket of an established Kerberos 5 security context.
  72      * Only supported on the acceptor side.
  73      */
  74     KRB5_GET_AUTHZ_DATA,
  75     /**
  76      * Attribute type for retrieving the authtime in the service ticket
  77      * of an established Kerberos 5 security context. The returned object
  78      * is a String object in the standard KerberosTime format defined in
  79      * RFC 4120 Section 5.2.3.
  80      */
  81     KRB5_GET_AUTHTIME,
  82     /**
  83      * Attribute type for retrieving the KRB_CRED message that an initiator
  84      * is about to send to an acceptor. The return type is an instance of
  85      * {@link javax.security.auth.kerberos.KerberosCredMessage}.
  86      *
  87      * @since 9
  88      */
  89     KRB5_GET_KRB_CRED,
  90 }