changeset 50891:ba1b490901d4

8072996: Deprecate stream-based GSSContext methods Reviewed-by: mullan
author weijun
date Wed, 30 May 2018 22:24:20 +0800
parents ed7605e8675f
children 9ace9865028c
files src/java.security.jgss/share/classes/org/ietf/jgss/GSSContext.java src/java.security.jgss/share/classes/sun/security/jgss/GSSContextImpl.java src/java.security.jgss/share/classes/sun/security/jgss/spnego/SpNegoContext.java
diffstat 3 files changed, 55 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/src/java.security.jgss/share/classes/org/ietf/jgss/GSSContext.java	Wed May 30 16:10:21 2018 +0200
+++ b/src/java.security.jgss/share/classes/org/ietf/jgss/GSSContext.java	Wed May 30 22:24:20 2018 +0800
@@ -99,6 +99,25 @@
  * mechanism provider. The application will need to ensure that it has the
  * appropriate permissions if such checks are made in the mechanism layer.<p>
  *
+ * The stream-based methods of {@code GSSContext} have been deprecated in
+ * Java SE 11. These methods have also been removed from
+ * <a href="http://tools.ietf.org/html/rfc8353">
+ * RFC 8353: Generic Security Service API Version 2: Java Bindings Update</a>
+ * for the following reasons (see section 11): "The overloaded methods of
+ * GSSContext that use input and output streams as the means to convey
+ * authentication and per-message GSS-API tokens as described in Section 5.15
+ * of RFC 5653 are removed in this update as the wire protocol
+ * should be defined by an application and not a library. It's also impossible
+ * to implement these methods correctly when the token has no self-framing
+ * (where the end cannot be determined), or the library has no knowledge of
+ * the token format (for example, as a bridge talking to another GSS library)".
+ * These methods include {@link #initSecContext(InputStream, OutputStream)},
+ * {@link #acceptSecContext(InputStream, OutputStream)},
+ * {@link #wrap(InputStream, OutputStream, MessageProp)},
+ * {@link #unwrap(InputStream, OutputStream, MessageProp)},
+ * {@link #getMIC(InputStream, OutputStream, MessageProp)},
+ * and {@link #verifyMIC(InputStream, InputStream, MessageProp)}.<p>
+ *
  * The example code presented below demonstrates the usage of the
  * <code>GSSContext</code> interface for the initiating peer.  Different
  * operations on the <code>GSSContext</code> object are presented,
@@ -316,7 +335,10 @@
      *   {@link GSSException#BAD_NAMETYPE GSSException.BAD_NAMETYPE},
      *   {@link GSSException#BAD_MECH GSSException.BAD_MECH},
      *   {@link GSSException#FAILURE GSSException.FAILURE}
+     * @deprecated The stream-based methods have been removed from RFC 8353.
+     * Use {@link #initSecContext(byte[], int, int)} instead.
      */
+    @Deprecated(since="11")
     public int initSecContext(InputStream inStream,
                               OutputStream outStream) throws GSSException;
 
@@ -459,6 +481,9 @@
      *   {@link GSSException#DUPLICATE_TOKEN GSSException.DUPLICATE_TOKEN},
      *   {@link GSSException#BAD_MECH GSSException.BAD_MECH},
      *   {@link GSSException#FAILURE GSSException.FAILURE}
+     *
+     * @deprecated The stream-based methods have been removed from RFC 8353.
+     * Use {@link #acceptSecContext(byte[], int, int)} instead.
      */
     /* Missing return value in RFC. int should have been returned.
      * -----------------------------------------------------------
@@ -472,6 +497,7 @@
      * 0 indicates that no token  needs to be
      * sent.</strong>
      */
+    @Deprecated(since="11")
     public void acceptSecContext(InputStream inStream,
                                  OutputStream outStream) throws GSSException;
 
@@ -613,7 +639,11 @@
      *   {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},
      *   {@link GSSException#BAD_QOP GSSException.BAD_QOP},
      *   {@link GSSException#FAILURE GSSException.FAILURE}
+     *
+     * @deprecated The stream-based methods have been removed from RFC 8353.
+     * Use {@link #wrap(byte[], int, int, MessageProp)} instead.
      */
+    @Deprecated(since="11")
     public void wrap(InputStream inStream, OutputStream outStream,
                      MessageProp msgProp) throws GSSException;
 
@@ -696,7 +726,11 @@
      *   {@link GSSException#BAD_MIC GSSException.BAD_MIC},
      *   {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},
      *   {@link GSSException#FAILURE GSSException.FAILURE}
+     *
+     * @deprecated The stream-based methods have been removed from RFC 8353.
+     * Use {@link #unwrap(byte[], int, int, MessageProp)} instead.
      */
+    @Deprecated(since="11")
     public void unwrap(InputStream inStream, OutputStream outStream,
                        MessageProp msgProp) throws GSSException;
 
@@ -761,7 +795,11 @@
      *   {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},
      *   {@link GSSException#BAD_QOP GSSException.BAD_QOP},
      *   {@link GSSException#FAILURE GSSException.FAILURE}
+     *
+     * @deprecated The stream-based methods have been removed from RFC 8353.
+     * Use {@link #getMIC(byte[], int, int, MessageProp)} instead.
      */
+    @Deprecated(since="11")
     public void getMIC(InputStream inStream, OutputStream outStream,
                        MessageProp msgProp) throws GSSException;
 
@@ -844,7 +882,12 @@
      *   {@link GSSException#BAD_MIC GSSException.BAD_MIC}
      *   {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED}
      *   {@link GSSException#FAILURE GSSException.FAILURE}
+     *
+     * @deprecated The stream-based methods have been removed from RFC 8353.
+     * Use {@link #verifyMIC(byte[], int, int, byte[], int, int, MessageProp)}
+     * instead.
      */
+    @Deprecated(since="11")
     public void verifyMIC(InputStream tokStream, InputStream msgStream,
                           MessageProp msgProp) throws GSSException;
 
--- a/src/java.security.jgss/share/classes/sun/security/jgss/GSSContextImpl.java	Wed May 30 16:10:21 2018 +0200
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/GSSContextImpl.java	Wed May 30 22:24:20 2018 +0800
@@ -197,6 +197,7 @@
         return (size == 0? null : bos.toByteArray());
     }
 
+    @Deprecated(since="11")
     public int initSecContext(InputStream inStream,
                               OutputStream outStream) throws GSSException {
 
@@ -305,6 +306,7 @@
         return (out.length == 0) ? null : out;
     }
 
+    @Deprecated(since="11")
     public void acceptSecContext(InputStream inStream,
                                  OutputStream outStream) throws GSSException {
 
@@ -405,6 +407,7 @@
                                    "No mechanism context yet!");
     }
 
+    @Deprecated(since="11")
     public void wrap(InputStream inStream, OutputStream outStream,
                      MessageProp msgProp) throws GSSException {
         if (mechCtxt != null)
@@ -423,6 +426,7 @@
                                   "No mechanism context yet!");
     }
 
+    @Deprecated(since="11")
     public void unwrap(InputStream inStream, OutputStream outStream,
                        MessageProp msgProp) throws GSSException {
         if (mechCtxt != null)
@@ -441,6 +445,7 @@
                                   "No mechanism context yet!");
     }
 
+    @Deprecated(since="11")
     public void getMIC(InputStream inStream, OutputStream outStream,
                        MessageProp msgProp) throws GSSException {
         if (mechCtxt != null)
@@ -461,6 +466,7 @@
                                   "No mechanism context yet!");
     }
 
+    @Deprecated(since="11")
     public void verifyMIC(InputStream tokStream, InputStream msgStream,
                           MessageProp msgProp) throws GSSException {
         if (mechCtxt != null)
--- a/src/java.security.jgss/share/classes/sun/security/jgss/spnego/SpNegoContext.java	Wed May 30 16:10:21 2018 +0200
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/spnego/SpNegoContext.java	Wed May 30 22:24:20 2018 +0800
@@ -281,6 +281,7 @@
      * to its peer for processing.
      * @exception GSSException
      */
+    @Deprecated(since="11")
     public final byte[] initSecContext(InputStream is, int mechTokenSize)
         throws GSSException {
 
@@ -475,6 +476,7 @@
      * to its peer for processing.
      * @exception GSSException
      */
+    @Deprecated(since="11")
     public final byte[] acceptSecContext(InputStream is, int mechTokenSize)
         throws GSSException {
 
@@ -1128,6 +1130,7 @@
         }
     }
 
+    @Deprecated(since="11")
     public final void wrap(InputStream is, OutputStream os,
                             MessageProp msgProp) throws GSSException {
         if (mechContext != null) {
@@ -1149,6 +1152,7 @@
         }
     }
 
+    @Deprecated(since="11")
     public final void unwrap(InputStream is, OutputStream os,
                              MessageProp msgProp) throws GSSException {
         if (mechContext != null) {
@@ -1170,6 +1174,7 @@
         }
     }
 
+    @Deprecated(since="11")
     public final void getMIC(InputStream is, OutputStream os,
                               MessageProp msgProp) throws GSSException {
         if (mechContext != null) {
@@ -1193,6 +1198,7 @@
         }
     }
 
+    @Deprecated(since="11")
     public final void verifyMIC(InputStream is, InputStream msgStr,
                                  MessageProp msgProp) throws GSSException {
         if (mechContext != null) {