NAME
gss_wrap() — attach a message integrity code (MIC) to a message, and optionally encrypt the message content
SYNOPSIS
#include <gssapi.h>
OM_uint32 gss_wrap (
OM_uint32 *minor_status,
const gss_ctx_id_t context_handle,
int conf_req_flag,
gss_qop_t qop_req,
const gss_buffer_t input_message_buffer,
int *conf_state,
gss_buffer_t output_message_buffer)
DESCRIPTION
The
gss_wrap()
routine attaches a cryptographic message integrity
code (MIC) and optionally encrypts the
input_message.
The
output_message
contains both the MIC and the message.
Although the
qop_req
parameter enables a choice between several
qualities of protection, if you specify an unsupported protection,
the
gss_wrap()
routine returns a status of
GSS_S_FAILURE.
Input Parameters
- context_handle
Specifies the context on which the message is sent.
- conf_req_flag
Specifies the requested level of confidentiality and integrity
services, as follows:
- Non-zero
Both confidentiality and integrity services are requested.
- Zero
Only integrity services are requested.
- qop_req
Specifies the cryptographic algorithm, or quality of protection.
A mechanism-specific default may be requested by setting
qop_req
to
GSS_C_QOP_DEFAULT.
- input_message_buffer
Specifies the message to be protected.
Output Parameters
- conf_state
Returns the requested level of confidentiality and integrity
services, as follows:
- Non-zero
Confidentiality, data origin, authentication, and integrity services
have been applied.
- Zero
Only integrity and data origin services have been applied.
- output_message_buffer
Returns the buffer to receive the protected message.
- minor_status
Returns a status code from the security mechanism.
STATUS CODES
The following status codes can be returned:
- GSS_S_COMPLETE
The routine was completed successfully.
- GSS_S_CONTEXT_EXPIRED
The context has already expired.
- GSS_S_CREDENTIALS_EXPIRED
The context is recognized but the associated
credentials have expired.
- GSS_S_FAILURE
The routine failed. Check the
minor_status
parameter for details.
- GSS_S_NO_CONTEXT
The context identified in the
context_handle
parameter was not valid.
- GSS_S_BAD_QOP
The specified QOP is not
supported by the mechanism.
AUTHOR
gss_wrap()
was developed by Sun Microsystems, Inc.
SEE ALSO
gss_unwrap(3),
gss_wrap_size_limit(3).
The manpages for DCE-GSSAPI are included with the DCE-CoreTools product.
To see those manpages add
/opt/dce/share/man
to
MANPATH.