1 /*
2  * Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.  Oracle designates this
8  * particular file as subject to the "Classpath" exception as provided
9  * by Oracle in the LICENSE file that accompanied this code.
10  *
11  * This code is distributed in the hope that it will be useful, but WITHOUT
12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14  * version 2 for more details (a copy is included in the LICENSE file that
15  * accompanied this code).
16  *
17  * You should have received a copy of the GNU General Public License version
18  * 2 along with this work; if not, write to the Free Software Foundation,
19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20  *
21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22  * or visit www.oracle.com if you need additional information or have any
23  * questions.
24  */
25 
26 package com.sun.security.jgss;
27 
28 /**
29  * Attribute types that can be specified as an argument of
30  * {@link com.sun.security.jgss.ExtendedGSSContext#inquireSecContext}
31  */
32 public enum InquireType {
33     /**
34      * Attribute type for retrieving the session key of an established
35      * Kerberos 5 security context. The returned object is an instance of
36      * {@link java.security.Key}, which has the following properties:
37      *    <ul>
38      *    <li>Algorithm: enctype as a string, where
39      *        enctype is defined in RFC 3961, section 8.
40      *    <li>Format: "RAW"
41      *    <li>Encoded form: the raw key bytes, not in any ASN.1 encoding
42      *    </ul>
43      * @deprecated as of 9, replaced by {@link #KRB5_GET_SESSION_KEY_EX}
44      * which returns an instance of
45      * {@link javax.security.auth.kerberos.EncryptionKey}
46      * that implements the {@link javax.crypto.SecretKey} interface and
47      * has similar methods with {@link javax.security.auth.kerberos.KerberosKey}.
48      */
49     @Deprecated
50     KRB5_GET_SESSION_KEY,
51     /**
52      * Attribute type for retrieving the session key of an
53      * established Kerberos 5 security context. The return value is an
54      * instance of {@link javax.security.auth.kerberos.EncryptionKey}.
55      *
56      * @since 9
57      */
58     KRB5_GET_SESSION_KEY_EX,
59     /**
60      * Attribute type for retrieving the service ticket flags of an
61      * established Kerberos 5 security context. The returned object is
62      * a boolean array for the service ticket flags, which is long enough
63      * to contain all true bits. This means if the user wants to get the
64      * <em>n</em>'th bit but the length of the returned array is less than
65      * <em>n</em>, it is regarded as false.
66      */
67     KRB5_GET_TKT_FLAGS,
68     /**
69      * Attribute type for retrieving the authorization data in the
70      * service ticket of an established Kerberos 5 security context.
71      * Only supported on the acceptor side.
72      */
73     KRB5_GET_AUTHZ_DATA,
74     /**
75      * Attribute type for retrieving the authtime in the service ticket
76      * of an established Kerberos 5 security context. The returned object
77      * is a String object in the standard KerberosTime format defined in
78      * RFC 4120 Section 5.2.3.
79      */
80     KRB5_GET_AUTHTIME,
81     /**
82      * Attribute type for retrieving the KRB_CRED message that an initiator
83      * is about to send to an acceptor. The return type is an instance of
84      * {@link javax.security.auth.kerberos.KerberosCredMessage}.
85      *
86      * @since 9
87      */
88     KRB5_GET_KRB_CRED,
89 }
90