Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ gss_seal(3sec) — DCE 3.1

Media Vault

Software Library

Restoration Projects

Artifacts Sought

gss_seal(3sec)  —  Subroutines

NAME

gss_seal — Cryptographically signs and optionally encrypts a message

Synopsis

OM_uint32  gss_seal(
OM_uint32 ∗minor_status,
gss_ctx_id_t context_handle,
int conf_req_flag,
int qop_req,
gss_buffer_t input_message_buffer,
int ∗conf_state,
gss_buffer_t output_message_buffer);

Parameters

Input

context_handle
Specifies the context on which the message is sent.

conf_req_flag
Specifies the requested level of confidentiality and integrity services, as follows:

TRUEBoth confidentiality and integrity services are requested. 

FALSEOnly integrity services are requested. 

qop_reqSpecifies the cryptographic algorithm, or quality of protection.  Specify GSS_C_QOP_DEFAULT.  The DCE GSSAPI supports only one quality of protection. 

input_message_buffer
Specifies the message to seal.

Output

conf_stateReturns the requested level of confidentiality and integrity services, as follows:

TRUEConfidentiality, data origin, authentification, and integrity services have been applied. 

FALSEOnly integrity and data origin services have been applied. 

output_message_buffer
Returns the buffer to receive the sealed message.

minor_status
Returns a status code from the security mechanism.

Description

The gss_seal() routine cryptographically signs and optionally encrypts a message.  The output_message parameter contains both the signature and the message. 

Although the qop_req parameter enables a choice between several qualities of protection, DCE GSSAPI supports only one quality of protection.  If you specify an unsupported protection, the gss_seal() routine returns a status of GSS_S_FAILURE. 

Errors

The following describes a partial list of errors that might be returned.  Refer to the OSF DCE Problem Determination Guide for complete descriptions of all error messages. 

GSS_S_COMPLETE
The routine was completed successfully.

GSS_S_CONTEXT_EXPIRED
The context has already expired.

GSS_S_CREDENTIALS_EXPIRED
The context is recognized but the associated credentials have expired.

GSS_S_FAILURE
The routine failed.  Check the minor_status parameter for details. 

GSS_S_NO_CONTEXT
The context identified in the context_handle parameter was not valid. 

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026