PreviousNext

gss_seal(3sec)

Cryptographically signs and optionally encrypts a message

Synopsis

#include <dce/gssapi.h>

OM_uint32 gss_seal (
OM_uint32 *minor_status,
gss_ctx_id_t context_handle,
int
conf_req_flag,
int
qop_req,
gss_buffer_t
input_message_buffer,
int *
conf_state,
gss_buffer_t
output_message_buffer)

Parameters

Input

context_handle
Specifies the context on which the message is sent.

conf_req_flag
Specifies the requested level of confidentiality and integrity services, as follows:

TRUE Both confidentiality and integrity services are requested.
FALSE Only integrity services are requested.
qop_req
Specifies the cryptographic algorithm, or quality of protection. Specify GSS_C_QOP_DEFAULT. The DCE GSSAPI supports only one quality of protection.

input_message_buffer
Specifies the message to seal.

Output

conf_state
Returns the requested level of confidentiality and integrity services, as follows:

TRUE Confidentiality, data origin, authentication, and integrity services have been applied.
FALSE Only integrity and data origin services have been applied.
output_message_buffer
Returns the buffer to receive the sealed message.

minor_status
Returns a status code from the security mechanism.

Description
The gss_seal( ) routine cryptographically signs and optionally encrypts a message. The output_message parameter contains both the signature and the message.

Although the qop_req parameter enables a choice between several qualities of protection, DCE GSSAPI supports only one quality of protection. If you specify an unsupported protection, the gss_seal( ) routine returns a status of GSS_S_FAILURE.

Errors

The following describes a partial list of errors that might be returned. Refer to the OSF DCE Problem Determination Guide for complete descriptions of all error messages.

GSS_S_COMPLETE The routine was completed successfully.
GSS_S_CONTEXT_EXPIRED The context has already expired.
GSS_S_CREDENTIALS_EXPIRED The context is recognized but the associated credentials have expired.
GSS_S_FAILURE The routine failed. Check the minor_status parameter for details.
GSS_S_NO_CONTEXT The context identified in the context_handle parameter was not valid.