1/*
2 * Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.  Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26package com.sun.security.jgss;
27
28/**
29 * Attribute types that can be specified as an argument of
30 * {@link com.sun.security.jgss.ExtendedGSSContext#inquireSecContext}
31 */
32public enum InquireType {
33    /**
34     * Attribute type for retrieving the session key of an established
35     * Kerberos 5 security context. The returned object is an instance of
36     * {@link java.security.Key}, which has the following properties:
37     *    <ul>
38     *    <li>Algorithm: enctype as a string, where
39     *        enctype is defined in RFC 3961, section 8.
40     *    <li>Format: "RAW"
41     *    <li>Encoded form: the raw key bytes, not in any ASN.1 encoding
42     *    </ul>
43     * @deprecated as of 9, replaced by {@link #KRB5_GET_SESSION_KEY_EX}
44     * which returns an instance of
45     * {@link javax.security.auth.kerberos.EncryptionKey}
46     * that implements the {@link javax.crypto.SecretKey} interface and
47     * has similar methods with {@link javax.security.auth.kerberos.KerberosKey}.
48     */
49    @Deprecated
50    KRB5_GET_SESSION_KEY,
51    /**
52     * Attribute type for retrieving the session key of an
53     * established Kerberos 5 security context. The return value is an
54     * instance of {@link javax.security.auth.kerberos.EncryptionKey}.
55     *
56     * @since 9
57     */
58    KRB5_GET_SESSION_KEY_EX,
59    /**
60     * Attribute type for retrieving the service ticket flags of an
61     * established Kerberos 5 security context. The returned object is
62     * a boolean array for the service ticket flags, which is long enough
63     * to contain all true bits. This means if the user wants to get the
64     * <em>n</em>'th bit but the length of the returned array is less than
65     * <em>n</em>, it is regarded as false.
66     */
67    KRB5_GET_TKT_FLAGS,
68    /**
69     * Attribute type for retrieving the authorization data in the
70     * service ticket of an established Kerberos 5 security context.
71     * Only supported on the acceptor side.
72     */
73    KRB5_GET_AUTHZ_DATA,
74    /**
75     * Attribute type for retrieving the authtime in the service ticket
76     * of an established Kerberos 5 security context. The returned object
77     * is a String object in the standard KerberosTime format defined in
78     * RFC 4120 Section 5.2.3.
79     */
80    KRB5_GET_AUTHTIME,
81    /**
82     * Attribute type for retrieving the KRB_CRED message that an initiator
83     * is about to send to an acceptor. The return type is an instance of
84     * {@link javax.security.auth.kerberos.KerberosCredMessage}.
85     *
86     * @since 9
87     */
88    KRB5_GET_KRB_CRED,
89}
90