1gss_unwrap(3GSS)Generic Security Services API Library Functionsgss_unwrap(3GSS)
2
3
4

NAME

6       gss_unwrap - verify a message with attached cryptographic message
7

SYNOPSIS

9       cc [ flag... ] file... -lgss  [ library... ]
10       #include <gssapi/gssapi.h>
11
12       OM_uint32 gss_unwrap(OM_uint32 *minor_status,
13            const gss_ctx_id_t context_handle,
14            const gss_buffer_t input_message_buffer,
15            gss_buffer_t output_message_buffer, int *conf_state,
16            gss_qop_t *qop_state);
17
18

DESCRIPTION

20       The  gss_unwrap()  function  converts a message previously protected by
21       gss_wrap(3GSS) back to a usable form, verifying the embedded  MIC.  The
22       conf_state  parameter  indicates whether the message was encrypted; the
23       qop_state parameter indicates the strength of protection that was  used
24       to provide the confidentiality and integrity services.
25
26
27       Since  some  application-level protocols may wish to use tokens emitted
28       by gss_wrap(3GSS) to provide secure framing, the GSS-API  supports  the
29       wrapping and unwrapping of zero-length messages.
30

PARAMETERS

32       The parameter descriptions for gss_unwrap() follow:
33
34       minor_status             The  status  code  returned  by the underlying
35                                mechanism.
36
37
38       context_handle           Identifies the context on  which  the  message
39                                arrived.
40
41
42       input_message_buffer     The message to be protected.
43
44
45       output_message_buffer    The  buffer  to receive the unwrapped message.
46                                Storage associated with this  buffer  must  be
47                                freed by the application after use with a call
48                                to gss_release_buffer(3GSS).
49
50
51       conf_state               If the value of conf_state is  non-zero,  then
52                                confidentiality  and integrity protection were
53                                used. If the value  is  zero,  only  integrity
54                                service was used. Specify NULL if this parame‐
55                                ter is not required.
56
57
58       qop_state                Specifies the quality of protection  provided.
59                                Specify   NULL   if   this  parameter  is  not
60                                required.
61
62

ERRORS

64       gss_unwrap() may return the following status codes:
65
66       GSS_S_COMPLETE           Successful completion.
67
68
69       GSS_S_DEFECTIVE_TOKEN    The token failed consistency checks.
70
71
72       GSS_S_BAD_SIG            The MIC was incorrect.
73
74
75       GSS_S_DUPLICATE_TOKEN    The token was valid, and contained  a  correct
76                                MIC  for  the message, but it had already been
77                                processed.
78
79
80       GSS_S_OLD_TOKEN          The token was valid, and contained  a  correct
81                                MIC  for  the  message,  but  it is too old to
82                                check for duplication.
83
84
85       GSS_S_UNSEQ_TOKEN        The token was valid, and contained  a  correct
86                                MIC for the message, but has been verified out
87                                of sequence; a later token  has  already  been
88                                received.
89
90
91       GSS_S_GAP_TOKEN          The  token  was valid, and contained a correct
92                                MIC for the message, but has been verified out
93                                of sequence; an earlier expected token has not
94                                yet been received.
95
96
97       GSS_S_CONTEXT_EXPIRED    The context has already expired.
98
99
100       GSS_S_NO_CONTEXT         The context_handle parameter did not  identify
101                                a valid context.
102
103
104       GSS_S_FAILURE            The underlying mechanism detected an error for
105                                which no specific GSS status code is  defined.
106                                The mechanism-specific status code reported by
107                                means of the  minor_status  parameter  details
108                                the error condition.
109
110

ATTRIBUTES

112       See attributes(5)  for descriptions of the following attributes:
113
114
115
116
117       ┌─────────────────────────────┬─────────────────────────────┐
118       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
119       ├─────────────────────────────┼─────────────────────────────┤
120       │Availability                 │SUNWgss (32-bit)             │
121       ├─────────────────────────────┼─────────────────────────────┤
122       │                             │SUNWgssx (64-bit)            │
123       ├─────────────────────────────┼─────────────────────────────┤
124       │MT-Level                     │Safe                         │
125       └─────────────────────────────┴─────────────────────────────┘
126

SEE ALSO

128       gss_release_buffer(3GSS), gss_wrap(3GSS), attributes(5)
129
130
131       Solaris Security for Developers Guide
132
133
134
135SunOS 5.11                        15 Jan 2003                 gss_unwrap(3GSS)
Impressum