skip book previous and next navigation links
go up to top of book: HP Open Source Security for OpenVMS Volume 3:... HP Open Source Security for OpenVMS Volume 3:...
go to beginning of chapter: GSSAPI (Generic Security Services Application... GSSAPI (Generic Security Services Application...
go to previous page: gss_verify_mic Check that a cryptographic MIC fits the applied message gss_verify_mic Check that a cryptographic MIC fits the applied...
go to next page: gss_wrap_size_limit Check expected size of wrapped outputgss_wrap_size_limit Check expected size of wrapped output
end of book navigation links

gss_wrap -- Attach a MIC to a message and encrypt the message 



C Prototype 

OM_uint32 gss_wrap(
        OM_uint32          minor_status,
        gss_ctx_id_t       context_handle,
        int                conf_req_flag,
        gss_qop_t          qop_req,
        gss_buffer_t       input_message_buffer,
        int                conf_state,
        gss_buffer_t       output_message_buffer );

Arguments 

minor_status
(output)		 An implementation-specific status code.
context_handle (input) Identifies the context on which the message will be sent.
conf_req_flag (input) A Boolean value indicating which services are to be used.

TRUE -- Both confidentiality and integrity services are requested.FALSE -- Only integrity service is requested.
qop_req (input) Specifies the required quality of protection. A mechanism-specific default may be requested by setting qop_req to GSS_C_QOP_DEFAULT. If an unsupported protection strength is requested, gss_wrap will return a status of GSS_S_BAD_QOP.
input_message_buffer (input)
 The message to be protected.
conf_state (output) A Boolean value indicating which services have been applied. Specify NULL if not required.

TRUE -- Confidentiality, data origin authentication and integrity services have been applied.FALSE -- Only integrity and data origin services have been applied.
output_message_buffer (output)
 The buffer to receive the protected message. Storage associated with this message must be freed by the application after use with a call to gss_release_buffer.

Description 

This routine attaches a cryptographic MIC and optionally encrypts the specified input_message_buffer. The output_message_buffer contains both the MIC and the message. The qop_req argument allows a choice between several cryptographic algorithms.

This routine is functionally equivalent to the gss_seal routine. New code should use gss_wrap instead of gss_seal. Although both routines are supported, gss_seal has been deprecated in the GSSAPI Version 2 specification.

Return Values 

This routine returns one of the following GSS status codes:

GSS_S_COMPLETE
Indicates that the input_message_buffer was successfully processed and that the output_message_buffer is ready for transmission.
GSS_S_CONTEXT_EXPIRED
 Indicates that context-related data items have expired, so that the requested operation cannot be performed.
GSS_S_NO_CONTEXT
Indicates that the context_handle argument did not identify a valid context.
GSS_S_BAD_QOP
 Indicates that the provided QOP value is not recognized or supported for the context.

go to previous page: gss_verify_mic Check that a cryptographic MIC fits the applied message gss_verify_mic Check that a cryptographic MIC fits the applied...
go to next page: gss_wrap_size_limit Check expected size of wrapped outputgss_wrap_size_limit Check expected size of wrapped output