Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

gss_unwrap(3) [debian man page]

gss_unwrap(3)								gss							     gss_unwrap(3)

NAME

       gss_unwrap - API function

SYNOPSIS

       #include <gss.h>

       OM_uint32  gss_unwrap(OM_uint32	*  minor_status,  const gss_ctx_id_t context_handle, const gss_buffer_t input_message_buffer, gss_buffer_t
       output_message_buffer, int * conf_state, gss_qop_t * qop_state);

ARGUMENTS

       OM_uint32 * minor_status
		   (Integer, modify) Mechanism specific status code.

       const gss_ctx_id_t context_handle
		   (gss_ctx_id_t, read) Identifies the context on
		     which the message arrived.

       const gss_buffer_t input_message_buffer
		   (buffer, opaque, read) Protected message.

       gss_buffer_t output_message_buffer
		   (buffer, opaque, modify) Buffer to receive
		     unwrapped message.  Storage associated with this buffer must be
		     freed by the application after use use with a call to
		     gss_release_buffer().

       int * conf_state
		   (boolean, modify, optional) Non-zero - Confidentiality
		     and integrity protection were used. Zero - Integrity service only
		     was used.	Specify NULL if not required.

       gss_qop_t * qop_state
		   (gss_qop_t, modify, optional) Quality of protection
		     provided.	Specify NULL if not required.

DESCRIPTION

       Converts a message previously protected by gss_wrap back to a usable form, verifying the embedded MIC.  The conf_state parameter  indicates
       whether	the message was encrypted; the qop_state parameter indicates the strength of protection that was used to provide the confidential-
       ity and integrity services.

       Since some application-level protocols may wish to use tokens emitted by gss_wrap() to provide "secure framing", implementations must  sup-
       port the wrapping and unwrapping of zero-length messages.

RETURN VALUE

       `GSS_S_COMPLETE`: Successful completion.

       `GSS_S_DEFECTIVE_TOKEN`: The token failed consistency checks.

       `GSS_S_BAD_SIG`: The MIC was incorrect.

       `GSS_S_DUPLICATE_TOKEN`: The token was valid, and contained a
	correct MIC for the message, but it had already been processed.

       `GSS_S_OLD_TOKEN`: The token was valid, and contained a correct MIC for the message, but it is too old to check for duplication.

       `GSS_S_UNSEQ_TOKEN`: The token was valid, and contained a correct MIC for the message, but has been verified out of sequence; a later token
       has already been received.

       `GSS_S_GAP_TOKEN`: The token was valid, and contained a correct MIC for the message, but has been verified  out	of  sequence;  an  earlier
       expected token has not yet been received.

       `GSS_S_CONTEXT_EXPIRED`: The context has already expired.

       `GSS_S_NO_CONTEXT`: The context_handle parameter did not identify a valid context.

REPORTING BUGS

       Report  bugs  to  <bug-gss@gnu.org>.  GNU Generic Security Service home page: http://www.gnu.org/software/gss/ General help using GNU soft-
       ware: http://www.gnu.org/gethelp/

COPYRIGHT

       Copyright (C) 2003-2011 Simon Josefsson.
       Copying and distribution of this file, with or without modification, are permitted in any medium without  royalty  provided  the  copyright
       notice and this notice are preserved.

SEE ALSO

       The  full  documentation  for gss is maintained as a Texinfo manual.  If the info and gss programs are properly installed at your site, the
       command

	      info gss

       should give you access to the complete manual.

gss								       1.0.2							     gss_unwrap(3)

Check Out this Related Man Page

gss_unwrap(3GSS)				  Generic Security Services API Library Functions				  gss_unwrap(3GSS)

NAME

       gss_unwrap - verify a message with attached cryptographic message

SYNOPSIS

       cc -flag ...  file ...-lgss [library ...]
       #include <gssapi/gssapi.h>

       OM_uint32 gss_unwrap(OM_uint32 *minor_status, const gss_ctx_id_t context_handle, const gss_buffer_t input_message_buffer, gss_buffer_t out-
       put_message_buffer, int *conf_state, gss_qop_t *qop_state);

DESCRIPTION

       The gss_unwrap() function converts a message previously protected by gss_wrap(3GSS) back to a usable form, verifying the embedded MIC.  The
       conf_state  parameter  indicates  whether  the message was encrypted; the qop_state parameter indicates the strength of protection that was
       used to provide the confidentiality and integrity services.

       Since some application-level protocols may wish to use tokens emitted by gss_wrap(3GSS) to provide secure framing, the GSS-API supports the
       wrapping and unwrapping of zero-length messages.

PARAMETERS

       The parameter descriptions for gss_unwrap() follow:

       minor_status	       The status code returned by the underlying mechanism.

       context_handle	       Identifies the context on which the message arrived.

       input_message_buffer    The message to be protected.

       output_message_buffer   The  buffer  to receive the unwrapped message. Storage associated with this buffer must be freed by the application
			       after use with a call to gss_release_buffer(3GSS).

       conf_state	       If the value of conf_state is non-zero, then confidentiality and integrity protection were used. If  the  value	is
			       zero, only integrity service was used. Specify NULL if this parameter is not required.

       qop_state	       Specifies the quality of protection provided. Specify NULL if this parameter is not required.

ERRORS

       gss_unwrap() may return the following status codes:

       GSS_S_COMPLETE		       Successful completion.

       GSS_S_DEFECTIVE_TOKEN	       The token failed consistency checks.

       GSS_S_BAD_SIG		       The MIC was incorrect.

       GSS_S_DUPLICATE_TOKEN	       The token was valid, and contained a correct MIC for the message, but it had already been processed.

       GSS_S_OLD_TOKEN		       The  token  was valid, and contained a correct MIC for the message, but it is too old to check for duplica-
				       tion.

       GSS_S_UNSEQ_TOKEN	       The token was valid, and contained a correct MIC for the message, but has been verified out of sequence;  a
				       later token has already been received.

       GSS_S_GAP_TOKEN		       The token was valid, and contained a correct MIC for the message, but has been verified out of sequence; an
				       earlier expected token has not yet been received.

       GSS_S_CONTEXT_EXPIRED	       The context has already expired.

       GSS_S_NO_CONTEXT 	       The context_handle parameter did not identify a valid context.

       GSS_S_FAILURE		       The underlying mechanism detected an error for which no specific GSS status code is  defined.   The  mecha-
				       nism-specific status code reported by means of the minor_status parameter details the error condition.

ATTRIBUTES

       See attributes(5)  for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWgss (32-bit)		   |
       +-----------------------------+-----------------------------+
       |			     |SUNWgssx (64-bit) 	   |
       +-----------------------------+-----------------------------+
       |MT-Level		     |Safe			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       gss_release_buffer(3GSS), gss_wrap(3GSS), attributes(5)

       Solaris Security for Developers Guide

SunOS 5.10							    15 Jan 2003 						  gss_unwrap(3GSS)
Man Page