Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

gss_wrap_size_limit(3gss) [opensolaris man page]

gss_wrap_size_limit(3GSS)			  Generic Security Services API Library Functions			 gss_wrap_size_limit(3GSS)

NAME

       gss_wrap_size_limit - allow application to determine maximum message size with resulting output token of a specified maximum size

SYNOPSIS

       cc [ flag... ] file... -lgss  [ library... ]
       #include <gssapi/gssapi.h>

       OM_uint32 gss_process_context_token(OM_uint32 *minor_status,
	    const gss_ctx_id_t context_handle, int  conf_req_flag,
	    gss_qop_t qop_req, OM_uint32 req_output_size,
	    OM_uint32 *max_input_size);

DESCRIPTION

       The  gss_wrap_size_limit()  function  allows an application to determine the maximum message size that, if presented to gss_wrap() with the
       same conf_req_flag and qop_req parameters, results in an output token containing no more than req_output_size bytes. This call is  intended
       for use by applications that communicate over protocols that impose a maximum message size. It enables the application to fragment messages
       prior to applying protection. The GSS-API detects invalid QOP values when gss_wrap_size_limit() is called. This routine guarantees  only  a
       maximum message size, not the availability of specific QOP values for message protection.

       Successful  completion  of  gss_wrap_size_limit()  does	not  guarantee	that  gss_wrap()  will	be  able  to  protect  a message of length
       max_input_size bytes, since this ability might depend on the availability of system resources at the time that gss_wrap() is called.

PARAMETERS

       The parameter descriptions for gss_wrap_size_limit() are as follows:

       minor_status	  A mechanism-specific status code.

       context_handle	  A handle that refers to the security over which the messages will be sent.

       conf_req_flag	  Indicates whether gss_wrap() will be asked to apply confidential protection in addition  to  integrity  protection.  See
			  gss_wrap(3GSS) for more details.

       qop_req		  Indicates the level of protection that gss_wrap() will be asked to provide.  See gss_wrap(3GSS) for more details.

       req_output_size	  The desired maximum size for tokens emitted by gss_wrap().

       max_input_size	  The maximum input message size that can be presented to gss_wrap() to guarantee that the emitted token will be no larger
			  than req_output_size bytes.

ERRORS

       gss_wrap_size_limit() returns one of the following status codes:

       GSS_S_COMPLETE		Successful completion.

       GSS_S_NO_CONTEXT 	The referenced context could not be accessed.

       GSS_S_CONTEXT_EXPIRED	The context has expired.

       GSS_S_BAD_QOP		The specified QOP is not supported by the mechanism.

       GSS_S_FAILURE		The underlying mechanism detected an error for which no specific GSS status code is defined.   The  mechanism-spe-
				cific status code reported by means of the minor_status parameter details the error condition.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWgss (32-bit)		   |
       +-----------------------------+-----------------------------+
       |			     |SUNWgssx (64-bit) 	   |
       +-----------------------------+-----------------------------+
       |MT Level		     |Safe			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       gss_wrap(3GSS), attributes(5)

       Solaris Security for Developers Guide

SunOS 5.11							    15 Jan 2003 					 gss_wrap_size_limit(3GSS)

Check Out this Related Man Page

gss_wrap_size_limit(3)							gss						    gss_wrap_size_limit(3)

NAME

       gss_wrap_size_limit - API function

SYNOPSIS

       #include <gss.h>

       OM_uint32  gss_wrap_size_limit(OM_uint32 * minor_status, const gss_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req, OM_uint32
       req_output_size, OM_uint32 * max_input_size);

ARGUMENTS

       OM_uint32 * minor_status
		   (Integer, modify) Mechanism specific status code.

       const gss_ctx_id_t context_handle
		   (gss_ctx_id_t, read) A handle that refers to the
		     security over which the messages will be sent.

       int conf_req_flag
		   (Boolean, read) Indicates whether gss_wrap will be
		     asked to apply confidentiality protection in addition to
		     integrity protection.  See the routine description for gss_wrap
		     for more details.

       gss_qop_t qop_req
		   (gss_qop_t, read) Indicates the level of protection that
		     gss_wrap will be asked to provide.  See the routine description
		     for gss_wrap for more details.

       OM_uint32 req_output_size
		   (Integer, read) The desired maximum size for
		     tokens emitted by gss_wrap.

       OM_uint32 * max_input_size
		   (Integer, modify) The maximum input message size
		     that may be presented to gss_wrap in order to guarantee that the
		     emitted token shall be no larger than req_output_size bytes.

DESCRIPTION

       Allows an application to determine the maximum message size that, if presented to gss_wrap with the same conf_req_flag and qop_req  parame-
       ters, will result in an output token containing no more than req_output_size bytes.

       This  call is intended for use by applications that communicate over protocols that impose a maximum message size.  It enables the applica-
       tion to fragment messages prior to applying protection.

       GSS-API implementations are recommended but not required to detect invalid QOP values when gss_wrap_size_limit() is  called.  This  routine
       guarantees only a maximum message size, not the availability of specific QOP values for message protection.

       Successful completion of this call does not guarantee that gss_wrap will be able to protect a message of length max_input_size bytes, since
       this ability may depend on the availability of system resources at the time that gss_wrap is called.  However, if the implementation itself
       imposes	an  upper  limit  on  the  length  of messages that may be processed by gss_wrap, the implementation should not return a value via
       max_input_bytes that is greater than this length.

RETURN VALUE

       `GSS_S_COMPLETE`: Successful completion.

       `GSS_S_NO_CONTEXT`: The referenced context could not be accessed.

       `GSS_S_CONTEXT_EXPIRED`: The context has expired.

       `GSS_S_BAD_QOP`: The specified QOP is not supported by the mechanism.

REPORTING BUGS

       Report bugs to <bug-gss@gnu.org>.  GNU Generic Security Service home page: http://www.gnu.org/software/gss/ General help  using	GNU  soft-
       ware: http://www.gnu.org/gethelp/

COPYRIGHT

       Copyright (C) 2003-2011 Simon Josefsson.
       Copying	and  distribution  of  this file, with or without modification, are permitted in any medium without royalty provided the copyright
       notice and this notice are preserved.

SEE ALSO

       The full documentation for gss is maintained as a Texinfo manual.  If the info and gss programs are properly installed at  your	site,  the
       command

	      info gss

       should give you access to the complete manual.

gss								       1.0.2						    gss_wrap_size_limit(3)
Man Page