GSS_WRAP(3GSS) Generic Security Services API Library Functions
NAME
gss_wrap - attach a cryptographic message
SYNOPSIS
cc [
flag... ]
file...
-lgss [
library... ]
#include <gssapi/gssapi.h>
OM_uint32 gss_wrap(
OM_uint32 *minor_status,
const gss_ctx_id_t context_handle,
int conf_req_flag,
gss_qop_t qop_req,
const gss_buffer_t input_message_buffer,
int *conf_state,
gss_buffer_t output_message_buffer);
DESCRIPTION
The
gss_wrap() function attaches a cryptographic
MIC and optionally
encrypts the specified
input_message. The
output_message contains
both the
MIC and the message. The
qop_req parameter allows a choice
between several cryptographic algorithms, if supported by the chosen
mechanism.
Since some application-level protocols may wish to use tokens emitted
by
gss_wrap() to provide secure framing, the
GSS-API supports the
wrapping of zero-length messages.
PARAMETERS
The parameter descriptions for
gss_wrap() follow:
minor_status The status code returned by the underlying
mechanism.
context_handle Identifies the context on which the message
will be sent.
conf_req_flag If the value of
conf_req_flag is non-zero,
both confidentiality and integrity services
are requested. If the value is zero, then
only integrity service is requested.
qop_req Specifies the required quality of
protection. A mechanism-specific default may
be requested by setting
qop_req to
GSS_C_QOP_DEFAULT. If an unsupported
protection strength is requested,
gss_wrap() will return a
major_status of
GSS_S_BAD_QOP.
input_message_buffer The message to be protected.
conf_state If the value of
conf_state is non-zero,
confidentiality, data origin authentication,
and integrity services have been applied. If
the value is zero, then integrity services
have been applied. Specify
NULL if this
parameter is not required.
output_message_buffer The buffer to receive the protected message.
Storage associated with this message must be
freed by the application after use with a
call to
gss_release_buffer(3GSS).
ERRORS
gss_wrap() may return the following status codes:
GSS_S_COMPLETE Successful completion.
GSS_S_CONTEXT_EXPIRED The context has already expired.
GSS_S_NO_CONTEXT The
context_handle parameter did not
identify a valid context.
GSS_S_BAD_QOP The specified
QOP is not supported by the
mechanism.
GSS_S_FAILURE The underlying mechanism detected an error
for which no specific
GSS status code is
defined. The mechanism-specific status code
reported by means of the
minor_status parameter details the error condition.
ATTRIBUTES
See
attributes(7) for descriptions of the following attributes:
+---------------+-----------------+
|ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+---------------+-----------------+
|MT-Level | Safe |
+---------------+-----------------+
SEE ALSO
gss_release_buffer(3GSS),
attributes(7) Solaris Security for Developers Guide January 15, 2003 GSS_WRAP(3GSS)
