Source for org.ietf.jgss.ChannelBinding

   1: /* ChannelBinding.java -- a channel binding in the GSS-API.
   2:    Copyright (C) 2004 Free Software Foundation, Inc.
   3: 
   4: This file is part of GNU Classpath.
   5: 
   6: GNU Classpath is free software; you can redistribute it and/or modify
   7: it under the terms of the GNU General Public License as published by
   8: the Free Software Foundation; either version 2, or (at your option)
   9: any later version.
  10: 
  11: GNU Classpath is distributed in the hope that it will be useful, but
  12: WITHOUT ANY WARRANTY; without even the implied warranty of
  13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14: General Public License for more details.
  15: 
  16: You should have received a copy of the GNU General Public License
  17: along with GNU Classpath; see the file COPYING.  If not, write to the
  18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  19: 02110-1301 USA.
  20: 
  21: Linking this library statically or dynamically with other modules is
  22: making a combined work based on this library.  Thus, the terms and
  23: conditions of the GNU General Public License cover the whole
  24: combination.
  25: 
  26: As a special exception, the copyright holders of this library give you
  27: permission to link this library with independent modules to produce an
  28: executable, regardless of the license terms of these independent
  29: modules, and to copy and distribute the resulting executable under
  30: terms of your choice, provided that you also meet, for each linked
  31: independent module, the terms and conditions of the license of that
  32: module.  An independent module is a module which is not derived from
  33: or based on this library.  If you modify this library, you may extend
  34: this exception to your version of the library, but you are not
  35: obligated to do so.  If you do not wish to do so, delete this
  36: exception statement from your version.
  37: 
  38:    The documentation comments of this class are derived from the text
  39:    of RFC 2853:  Generic Security Service API Version 2: Java Bindings.
  40:    That document is covered under the following license notice:
  41: 
  42: Copyright (C) The Internet Society (2000).  All Rights Reserved.
  43: 
  44: This document and translations of it may be copied and furnished to
  45: others, and derivative works that comment on or otherwise explain it
  46: or assist in its implementation may be prepared, copied, published and
  47: distributed, in whole or in part, without restriction of any kind,
  48: provided that the above copyright notice and this paragraph are
  49: included on all such copies and derivative works.  However, this
  50: document itself may not be modified in any way, such as by removing
  51: the copyright notice or references to the Internet Society or other
  52: Internet organizations, except as needed for the purpose of developing
  53: Internet standards in which case the procedures for copyrights defined
  54: in the Internet Standards process must be followed, or as required to
  55: translate it into languages other than English.
  56: 
  57: The limited permissions granted above are perpetual and will not be
  58: revoked by the Internet Society or its successors or assigns.
  59: 
  60: This document and the information contained herein is provided on an
  61: "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
  62: TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT
  63: NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN
  64: WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
  65: MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. */
  66: 
  67: 
  68: package org.ietf.jgss;
  69: 
  70: import java.net.InetAddress;
  71: import java.util.Arrays;
  72: 
  73: /**
  74:  * <p>The GSS-API accommodates the concept of caller-provided channel
  75:  * binding information.  Channel bindings are used to strengthen the
  76:  * quality with which peer entity authentication is provided during
  77:  * context establishment.  They enable the GSS-API callers to bind the
  78:  * establishment of the security context to relevant characteristics
  79:  * like addresses or to application specific data.</p>
  80:  *
  81:  * <p>The caller initiating the security context must determine the
  82:  * appropriate channel binding values to set in the {@link GSSContext}
  83:  * object. The acceptor must provide an identical binding in order to
  84:  * validate that received tokens possess correct channel-related
  85:  * characteristics.</p>
  86:  *
  87:  * <p>Use of channel bindings is optional in GSS-API.  Since channel-binding
  88:  * information may be transmitted in context establishment tokens,
  89:  * applications should therefore not use confidential data as
  90:  * channel-binding components.</p>
  91:  */
  92: public class ChannelBinding
  93: {
  94: 
  95:   // Fields.
  96:   // -------------------------------------------------------------------------
  97: 
  98:   private final byte[] appData;
  99:   private final InetAddress initAddr;
 100:   private final InetAddress acceptAddr;
 101: 
 102:   // Constructor.
 103:   // -------------------------------------------------------------------------
 104: 
 105:   /**
 106:    * Create a ChannelBinding object with user supplied address information
 107:    * and data. <code>null</code> values can be used for any fields which the
 108:    * application does not want to specify.
 109:    *
 110:    * @param initAddr   The address of the context initiator. <code>null</code>
 111:    *                   value can be supplied to indicate that the application
 112:    *                   does not want to set this value.
 113:    * @param acceptAddr The address of the context acceptor. <code>null</code>
 114:    *                   value can be supplied to indicate that the application
 115:    *                   does not want to set this value.
 116:    * @param appData    Application supplied data to be used as part of the
 117:    *                   channel bindings. <code>null</code> value can be
 118:    *                   supplied to indicate that the application does not
 119:    *                   want to set this value.
 120:    */
 121:   public ChannelBinding(InetAddress initAddr, InetAddress acceptAddr,
 122:                         byte[] appData)
 123:   {
 124:     this.appData = (appData != null) ? (byte[]) appData.clone() : null;
 125:     this.initAddr = initAddr;
 126:     this.acceptAddr = acceptAddr;
 127:   }
 128: 
 129:   /**
 130:    * Creates a ChannelBinding object without any addressing information.
 131:    *
 132:    * @param appData Application supplied data to be used as part of the
 133:    *                channel bindings.
 134:    */
 135:   public ChannelBinding(byte[] appData)
 136:   {
 137:     this(null, null, appData);
 138:   }
 139: 
 140:   // Instance methods.
 141:   // -------------------------------------------------------------------------
 142: 
 143:   /**
 144:    * Returns the initiator's address for this channel binding.
 145:    * <code>null</code> is returned if the address has not been set.
 146:    *
 147:    * @return The initiator's address, or <code>null</code>.
 148:    */
 149:   public InetAddress getInitiatorAddress()
 150:   {
 151:     return initAddr;
 152:   }
 153: 
 154:   /**
 155:    * Returns the acceptor's address for this channel binding.
 156:    * <code>null</code> is returned if the address has not been set.
 157:    *
 158:    * @return The acceptor's address, or <code>null</code>.
 159:    */
 160:   public InetAddress getAcceptorAddress()
 161:   {
 162:     return acceptAddr;
 163:   }
 164: 
 165:   /**
 166:    * Returns application data being used as part of the ChannelBinding.
 167:    * <code>null</code> is returned if no application data has been
 168:    * specified for the channel binding.
 169:    *
 170:    * @return The application data, or <code>null</code>.
 171:    */
 172:   public byte[] getApplicationData()
 173:   {
 174:     if (appData != null)
 175:       return (byte[]) appData.clone();
 176:     return null;
 177:   }
 178: 
 179:   /**
 180:    * Returns <code>true</code> if two channel bindings match.
 181:    *
 182:    * @param obj Another channel binding to compare with.
 183:    * @return True if this channel binding equals the other.
 184:    */
 185:   public boolean equals(Object obj)
 186:   {
 187:     if (!(obj instanceof ChannelBinding))
 188:       return false;
 189:     ChannelBinding cb = (ChannelBinding) obj;
 190:     boolean b1 = Arrays.equals(appData, cb.appData);
 191:     boolean b2 = (initAddr == null && cb.initAddr == null)
 192:       || (cb.initAddr != null && initAddr.equals(cb.initAddr));
 193:     boolean b3 = (acceptAddr == null && cb.acceptAddr == null)
 194:       || (cb.acceptAddr != null && acceptAddr.equals(cb.acceptAddr));
 195:     return b1 && b2 && b3;
 196:   }
 197: 
 198:   /**
 199:    * Returns the hash code for this channel binding.
 200:    *
 201:    * @return The hash code.
 202:    */
 203:   public int hashCode()
 204:   {
 205:     int code = 0;
 206:     if (appData != null)
 207:       for (int i = 0; i < appData.length; i++)
 208:         code ^= appData[i] << ((8 * i) & 31);
 209:     if (initAddr != null)
 210:       code ^= initAddr.hashCode();
 211:     if (acceptAddr != null)
 212:       code ^= acceptAddr.hashCode();
 213:     return code;
 214:   }
 215: }