gss_sign(3sec)
Generates a cryptographic signature for a message
Synopsis
#include <dce/gssapi.h>
OM_uint32 gss_sign (
OM_uint32 *minor_status,
gss_ctx_id_t context_handle,
int qop_req,
gss_buffer_t message_buffer,
gss_buffer_t
msg_token)
Parameters
Input
context_handle
Specifies the context on which the message is sent.
qop_req
Specifies the cryptographic algorithm, or quality of protection. Specify GSS_C_QOP_DEFAULT. DCE GSSAPI supports only one quality of protection.
message_buffer
Specifies the message to send.
Output
msg_token
Returns the buffer to receive the signature token to transfer to the context acceptor.
minor_status
Returns a status code from the security mechanism.
Description
The gss_sign( ) routine generates an encrypted signature for a message. It places the signature in a token for transfer to the context acceptor.
Although the qop_req parameter enables a choice between several qualities of protection, DCE GSSAPI supports only one quality of protection. If you specify an unsupported protection, the gss_sign( ) routine returns a status of GSS_S_FAILURE.
Errors
The following describes a partial list of errors that might be returned. Refer to the OSF DCE Problem Determination Guide for complete descriptions of all error messages.
| GSS_S_COMPLETE | The routine was completed successfully. |
| GSS_S_CONTEXT_EXPIRED | The context has already expired. |
| GSS_S_CREDENTIALS_EXPIRED | The context is recognized but the associated credentials have expired. |
| GSS_S_FAILURE | The routine failed. Check the minor_status parameter for details. |
| GSS_S_NO_CONTEXT | The context identified in the context_handle parameter was not valid. |