Generic Security Services API Library Functions gss_wrap(3GSS)
NAME
gss_wrap - attach a cryptographic message
SYNOPSIS
cc [ flag... ] file... -lgss [ library... ]
#include
OM_uint32 gss_wrap(OM_uint32 *minor_status,
const gss_ctx_id_t context_handle, int conf_req_flag,
gss_qop_t qop_req, const gss_buffer_t input_message_buffer,
int *conf_state, gss_buffer_t output_message_buffer);
DESCRIPTION
The gss_wrap() function attaches a cryptographic MIC and
optionally encrypts the specified input_message. The
output_message contains both the MIC and the message. The
qop_req parameter allows a choice between several crypto-
graphic algorithms, if supported by the chosen mechanism.Since some application-level protocols may wish to use
tokens emitted by gss_wrap() to provide secure framing, the
GSS-API supports the wrapping of zero-length messages.
PARAMETERS
The parameter descriptions for gss_wrap() follow:
minor_status The status code returned by the
underlying mechanism.context_handle Identifies the context on which the
message will be sent.conf_req_flag If the value of conf_req_flag is
non-zero, both confidentiality and
integrity services are requested. If the value is zero, then only integrity service is requested.qop_req Specifies the required quality of
protection. A mechanism-specific
default may be requested by settingqop_req to GSS_C_QOP_DEFAULT. If an
unsupported protection strength isrequested, gss_wrap() will return a
major_status of GSS_S_BAD_QOP.
SunOS 5.11 Last change: 15 Jan 2003 1
Generic Security Services API Library Functions gss_wrap(3GSS)
input_message_buffer The message to be protected.
conf_state If the value of conf_state is non-
zero, confidentiality, data originauthentication, and integrity ser-
vices have been applied. If thevalue is zero, then integrity ser-
vices have been applied. Specify NULL if this parameter is not required.output_message_buffer The buffer to receive the protected
message. Storage associated with this message must be freed by the application after use with a callto gss_release_buffer(3GSS).
ERRORS
gss_wrap() may return the following status codes:
GSS_S_COMPLETE Successful completion.
GSS_S_CONTEXT_EXPIRED The context has already expired.
GSS_S_NO_CONTEXT The context_handle parameter did
not identify a valid context.GSS_S_BAD_QOP The specified QOP is not supported
by the mechanism.GSS_S_FAILURE The underlying mechanism detected
an error for which no specific GSS status code is defined. Themechanism-specific status code
reported by means of theminor_status parameter details the
error condition.ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:SunOS 5.11 Last change: 15 Jan 2003 2
Generic Security Services API Library Functions gss_wrap(3GSS)
____________________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________________|
| Availability | system/library/security/gss (32-bit)|
|_____________________________|_____________________________________|
| | SUNWgssx (64-bit) |
|_____________________________|_____________________________________|
| MT-Level | Safe |
|_____________________________|_____________________________________|
SEE ALSO
gss_release_buffer(3GSS), attributes(5)
Oracle Solaris Security for Developers GuideSunOS 5.11 Last change: 15 Jan 2003 3