gss_wrap_size_liGenericSSecurity Services API Librarygss_wrap_size_limit(3GSS)NAMEgss_wrap_size_limit - allow application to determine maximum message
size with resulting output token of a specified maximum size
SYNOPSIS
cc -flag ... file ...-lgss [library ...]
#include <gssapi/gssapi.h>
OM_uint32 gss_process_context_token(OM_uint32 *minor_status, const
gss_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req,
OM_uint32 req_output_size, OM_uint32 *max_input_size);
DESCRIPTION
The gss_wrap_size_limit() function allows an application to determine
the maximum message size that, if presented to gss_wrap() with the same
conf_req_flag and qop_req parameters, results in an output token con‐
taining no more than req_output_size bytes. This call is intended for
use by applications that communicate over protocols that impose a maxi‐
mum message size. It enables the application to fragment messages prior
to applying protection. The GSS-API detects invalid QOP values when
gss_wrap_size_limit() is called. This routine guarantees only a maximum
message size, not the availability of specific QOP values for message
protection.
Successful completion of gss_wrap_size_limit() does not guarantee that
gss_wrap() will be able to protect a message of length max_input_size
bytes, since this ability might depend on the availability of system
resources at the time that gss_wrap() is called.
PARAMETERS
The parameter descriptions for gss_wrap_size_limit() are as follows:
minor_status A mechanism-specific status code.
context_handle A handle that refers to the security over which the
messages will be sent.
conf_req_flag Indicates whether gss_wrap() will be asked to apply
confidential protection in addition to integrity pro‐
tection. See gss_wrap(3GSS) for more details.
qop_req Indicates the level of protection that gss_wrap() will
be asked to provide. See gss_wrap(3GSS) for more
details.
req_output_size The desired maximum size for tokens emitted by
gss_wrap().
max_input_size The maximum input message size that can be presented to
gss_wrap() to guarantee that the emitted token will be
no larger than req_output_size bytes.
ERRORSgss_wrap_size_limit() returns one of the following status codes:
GSS_S_COMPLETE Successful completion.
GSS_S_NO_CONTEXT The referenced context could not be
accessed.
GSS_S_CONTEXT_EXPIRED The context has expired.
GSS_S_BAD_QOP The specified QOP is not supported by
the mechanism.
GSS_S_FAILURE The underlying mechanism detected an
error for which no specific GSS status
code is defined. The mechanism-spe‐
cific status code reported by means of
the minor_status parameter details the
error condition.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
┌─────────────────────────────┬─────────────────────────────┐
│ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
├─────────────────────────────┼─────────────────────────────┤
│Availability │SUNWgss (32-bit) │
├─────────────────────────────┼─────────────────────────────┤
│ │SUNWgssx (64-bit) │
├─────────────────────────────┼─────────────────────────────┤
│MT Level │Safe │
└─────────────────────────────┴─────────────────────────────┘
SEE ALSOgss_wrap(3GSS), attributes(5)
Solaris Security for Developers Guide
SunOS 5.10 15 Jan 2003 gss_wrap_size_limit(3GSS)