IETF-CATWG                                                  J. Wray (DEC)
Internet draft                                                August 1992

                Generic Security Service API : C-bindings

1. STATUS OF THIS MEMO

   This document is an Internet Draft. Internet Drafts are working
   documents of the Internet Engineering Task Force (IETF), its Areas,
   and its Working Groups. Note that other groups may also distribute
   working documents as Internet Drafts. Internet Drafts are draft
   documents valid for a maximum of six months. Internet Drafts may be
   updated, replaced, or obsoleted by other documents at any time. It
   is not appropriate to use Internet Drafts as reference material or to
   cite them other than as a "working draft" or "work in progress."
   Please check the I-D abstract listing contained in each Internet
   Draft directory to learn the current status of this or any other
   Internet Draft.

   This draft document will be submitted to the RFC editor as a proposed
   interface specification for use by integrators of security features
   into caller protocols. Distribution of this memo is unlimited. Please
   send comments to "cat-ietf@MIT.EDU."

2. ABSTRACT

   This draft document specifies C language bindings for the Generic
   Security Service Application Program Interface (GSS-API), which is
   described at a language-independent conceptual level in other drafts.

   The Generic Security Service Application Programming Interface (GSS-
   API) provides security services to its callers, and is intended for
   implementation atop alternative underlying cryptographic mechanisms.
   Typically, GSS-API callers will be application protocols into which
   security enhancements are integrated through invocation of services
   provided by the GSS-API. The GSS-API allows a caller application to
   authenticate a principal identity associated with a peer application,
   to delegate rights to a peer, and to apply security services such as
   confidentiality and integrity on a per-message basis.

3. INTRODUCTION

   The Generic Security Service Application Programming Interface
   [GSSAPI] provides security services to calling applications. It
   allows a communicating application to authenticate the user
   associated with another application, to delegate rights to another
   application, and to apply security services such as confidentiality
   and integrity on a per-message basis.

   There are four stages to using the GSSAPI:

   (a) The application acquires a set of credentials with which it may
       prove its identity to other processes. The application's
       credentials vouch for its global identity, which may or may not
       be related to the local username under which it is running.

   (b) A pair of communicating applications establish a joint security
       context using their credentials.
       The security context is a
       pair of GSSAPI data structures that contain shared state
       information, which is required in order that per-message
       security services may be provided. As part of the
       establishment of a security context, the context initiator is
       authenticated to the responder, and may require that the
       responder is authenticated in turn. The initiator may
       optionally give the responder the right to initiate further
       security contexts. This transfer of rights is termed
       delegation, and is achieved by creating a set of credentials,
       similar to those used by the originating application, but which
       may be used by the responder. To establish and maintain the
       shared information that makes up the security context, certain
       GSSAPI calls will return a token data structure, which is a
       cryptographically protected opaque data type. The caller of
       such a GSSAPI routine is responsible for transferring the token
       to the peer application, which should then pass it to a
       corresponding GSSAPI routine which will decode it and extract
       the information.

   (c) Per-message services are invoked to apply either:

       (i)  integrity and data origin authentication, or

       (ii) confidentiality, integrity and data origin authentication

       to application data, which are treated by GSSAPI as arbitrary
       octet-strings. The application transmitting a message that it
       wishes to protect will call the appropriate GSSAPI routine
       (sign or seal) to apply protection, specifying the appropriate
       security context, and send the result to the receiving
       application. The receiver will pass the received data to the
       corresponding decoding routine (verify or unseal) to remove the
       protection and validate the data.

   (d) At the completion of a communications session (which may extend
       across several connections), the peer applications call GSSAPI
       routines to delete the security context.
       Multiple contexts may
       also be used (either successively or simultaneously) within a
       single communications association.

4. GSSAPI Routines

   This section lists the functions performed by each of the GSSAPI
   routines and discusses their major parameters, describing how they
   are to be passed to the routines. The routines are listed in figure
   4-1.

   Figure 4-1 GSSAPI Routines

   Routine                     Function

   gss_acquire_cred            Assume a global identity
   gss_release_cred            Discard credentials
   gss_init_sec_context        Initiate a security context with a peer
                               application
   gss_accept_sec_context      Accept a security context initiated by a
                               peer application
   gss_process_context_token   Process a token on a security context
                               from a peer application
   gss_delete_sec_context      Discard a security context
   gss_context_time            Determine for how long a context will
                               remain valid
   gss_sign                    Sign a message; integrity service
   gss_verify                  Check signature on a message
   gss_seal                    Sign (optionally encrypt) a message;
                               confidentiality service
   gss_unseal                  Verify (optionally decrypt) message
   gss_display_status          Convert an API status code to text
   gss_indicate_mechs          Determine underlying authentication
                               mechanism
   gss_compare_name            Compare two API-format names
   gss_display_name            Convert opaque name to text
   gss_import_name             Convert a textual name to API-format
   gss_release_name            Discard an API-format name
   gss_release_buffer          Discard a buffer
   gss_release_oid_set         Discard a set of object identifiers
   gss_inquire_cred            Determine information about a credential

   Individual GSSAPI implementations may augment these routines by
   providing additional mechanism-specific routines if required
   functionality is not available from the generic forms. Applications
   are encouraged to use the generic routines wherever possible on
   portability grounds.

4.1. Data Types and Calling Conventions

   The following conventions are used by the GSSAPI:

4.1.1. Structured data types

   Wherever these GSSAPI C-bindings describe structured data, only
   fields that must be provided by all GSSAPI implementations are
   documented. Individual implementations may provide additional
   fields, either for internal use within GSSAPI routines, or for use by
   non-portable applications.

4.1.2. Integer types

   GSSAPI defines the following integer data type:

   OM_uint32     32-bit unsigned integer

   Where guaranteed minimum bit-count is important, this portable data
   type is used by the GSSAPI routine definitions. Individual GSSAPI
   implementations will include appropriate typedef definitions to map
   this type onto a built-in data type.

4.1.3. String and similar data

   Many of the GSSAPI routines take arguments and return values that
   describe contiguous multiple-byte data. All such data is passed
   between the GSSAPI and the caller using the gss_buffer_t data type.
   This data type is a pointer to a buffer descriptor, which consists of
   a length field that contains the total number of bytes in the datum,
   and a value field which contains a pointer to the actual datum:

      typedef struct gss_buffer_desc_struct {
         size_t length;
         void *value;
      } gss_buffer_desc, *gss_buffer_t;

   Storage for data passed to the application by a GSSAPI routine using
   the gss_buffer_t conventions is allocated by the GSSAPI routine. The
   application may free this storage by invoking the gss_release_buffer
   routine. Allocation of the gss_buffer_desc object is always the
   responsibility of the application; unused gss_buffer_desc objects
   may be initialized to the value GSS_C_EMPTY_BUFFER.

4.1.3.1. Opaque data types

   Certain multiple-word data items are considered opaque data types at
   the GSSAPI, because their internal structure has no significance
   either to the GSSAPI or to the caller. Examples of such opaque data
   types are the input_token parameter to gss_init_sec_context (which is
   opaque to the caller), and the input_message parameter to gss_seal
   (which is opaque to the GSSAPI). Opaque data is passed between the
   GSSAPI and the application using the gss_buffer_t datatype.

4.1.3.2. Character strings

   Certain multiple-word data items may be regarded as simple ISO
   Latin-1 character strings. An example of this is the
   input_name_buffer parameter to gss_import_name. Some GSSAPI routines
   also return character strings. Character strings are passed between
   the application and the GSSAPI using the gss_buffer_t datatype,
   defined earlier.

4.1.4. Object Identifiers

   Certain GSSAPI procedures take parameters of the type gss_OID, or
   Object identifier. This is a type containing ISO-defined tree-
   structured values, and is used by the GSSAPI caller to select an
   underlying security mechanism. A value of type gss_OID has the
   following structure:

      typedef struct gss_OID_desc_struct {
         OM_uint32 length;
         void *elements;
      } gss_OID_desc, *gss_OID;

   The elements field of this structure points to the first byte of an
   octet string containing the ASN.1 BER encoding of the value of the
   gss_OID. The length field contains the number of bytes in this
   value. For example, the gss_OID value corresponding to {iso(1)
   identified-organization(3) icd-ecma(12) member-company(2) dec(1011)
   cryptoAlgorithms(7) SPX(5)} meaning SPX (Digital's X.509
   authentication mechanism) has a length field of 7 and an elements
   field pointing to seven octets containing the following octal values:
   53,14,2,207,163,7,5.
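
   The BER encoding that section 4.1.4 describes, worked through in C as
   an added example (not code from the draft): an encoder that fills a
   gss_OID_desc from the integer arcs of an OID, an equality check on two
   gss_OID values, and a check that the SPX OID above really yields the
   seven octets 53,14,2,207,163,7,5 (octal). The typedefs are copied from
   the draft; oid_encode, make_oid, oid_equal, oid_encoded_length and
   spx_example_matches are this example's own names.

```c
/* Added example, not part of the draft: BER-encode an OBJECT IDENTIFIER
 * into the gss_OID_desc layout of section 4.1.4 and compare gss_OIDs. */
#include <stdint.h>
#include <string.h>

typedef uint32_t OM_uint32;          /* 32-bit unsigned, section 4.1.2 */

typedef struct gss_OID_desc_struct { /* copied from the draft */
    OM_uint32 length;
    void *elements;
} gss_OID_desc, *gss_OID;

/* Encode arcs[0..n-1] with the BER rules for OBJECT IDENTIFIER: the first
 * two arcs are merged as 40*arc0 + arc1, and every subidentifier is
 * written base 128, most significant group first, with the high bit set
 * on every octet except the last. Returns 0 on success, -1 if the arcs
 * are not a valid OID prefix or the output buffer is too small. */
static int oid_encode(const unsigned *arcs, size_t n,
                      unsigned char *out, size_t cap, OM_uint32 *len)
{
    size_t pos = 0;
    size_t i;
    if (n < 2 || arcs[0] > 2 || (arcs[0] < 2 && arcs[1] > 39))
        return -1;
    for (i = 1; i < n; i++) {
        unsigned v = (i == 1) ? 40 * arcs[0] + arcs[1] : arcs[i];
        unsigned char tmp[5];        /* a 32-bit value needs <= 5 groups */
        int k = 0;
        do {                         /* least significant group first */
            tmp[k++] = (unsigned char)(v & 0x7f);
            v >>= 7;
        } while (v);
        if (pos + (size_t)k > cap)
            return -1;
        while (k--)                  /* emit in reverse, k==0 is the last */
            out[pos++] = (unsigned char)(tmp[k] | (k ? 0x80 : 0));
    }
    *len = (OM_uint32)pos;
    return 0;
}

/* Fill a caller-owned gss_OID_desc from caller-owned storage; the draft
 * makes the descriptor the application's responsibility. */
int make_oid(gss_OID oid, const unsigned *arcs, size_t n,
             unsigned char *storage, size_t cap)
{
    OM_uint32 len;
    if (oid_encode(arcs, n, storage, cap, &len) != 0)
        return -1;
    oid->length = len;
    oid->elements = storage;
    return 0;
}

/* Two gss_OID values are equal only when length and every octet match;
 * the draft treats the encoding as opaque, so nothing else is compared. */
int oid_equal(const gss_OID_desc *a, const gss_OID_desc *b)
{
    return a->length == b->length &&
           memcmp(a->elements, b->elements, a->length) == 0;
}

/* Encoded size of an OID, or -1 if it cannot be encoded. */
int oid_encoded_length(const unsigned *arcs, size_t n)
{
    unsigned char buf[64];
    OM_uint32 len;
    return oid_encode(arcs, n, buf, sizeof buf, &len) == 0 ? (int)len : -1;
}

/* The SPX example from the draft: {1 3 12 2 1011 7 5} must encode to the
 * seven octets 053,014,002,0207,0163,007,005. Returns 1 when it does. */
int spx_example_matches(void)
{
    static const unsigned spx_arcs[] = {1, 3, 12, 2, 1011, 7, 5};
    static const unsigned char expected[] =
        {053, 014, 002, 0207, 0163, 007, 005};
    unsigned char buf[16];
    gss_OID_desc oid;
    gss_OID_desc want = { (OM_uint32)sizeof expected, (void *)expected };

    if (make_oid(&oid, spx_arcs, 7, buf, sizeof buf) != 0)
        return 0;
    return oid_equal(&oid, &want);
}
```
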

   GSSAPI implementations should provide constant gss_OID values to
   allow callers to request any supported mechanism, although
   applications are encouraged on portability grounds to accept the
   default mechanism. gss_OID values should also be provided to allow
   applications to specify particular name types (see section 4.1.10).
   Applications should treat gss_OID_desc values returned by GSSAPI
   routines as read-only. In particular, the application should not
   attempt to deallocate them. The gss_OID_desc datatype is equivalent
   to the X/Open OM_object_identifier datatype [XOM].

4.1.5. Object Identifier Sets

   Certain GSSAPI procedures take parameters of the type gss_OID_set.
   This type represents one or more object identifiers (section 4.1.4).
   A gss_OID_set object has the following structure:

      typedef struct gss_OID_set_desc_struct {
         int count;
         gss_OID elements;
      } gss_OID_set_desc, *gss_OID_set;

   The count field contains the number of OIDs within the set. The
   elements field is a pointer to an array of gss_OID_desc objects, each
   of which describes a single OID. gss_OID_set values are used to name
   the available mechanisms supported by the GSSAPI, to request the use
   of specific mechanisms, and to indicate which mechanisms a given
   credential supports. Storage associated with gss_OID_set values
   returned to the application by the GSSAPI may be deallocated by the
   gss_release_oid_set routine.

4.1.6. Credentials

   A credential handle is a caller-opaque datum that identifies a GSSAPI
   credential data structure. It is represented by the caller-opaque
   type gss_cred_id_t. Credentials describe a principal, and they give
   their holder the ability to act as that principal. The GSSAPI does
   not make the actual credentials available to applications; instead
   the credential handle is used to identify a particular credential,
   held internally by GSSAPI or underlying mechanism.
   Thus the
   credential handle contains no security-relevant information, and
   requires no special protection by the application. Depending on the
   implementation, a given credential handle may refer to different
   credentials when presented to the GSSAPI by different callers.
   Individual GSSAPI implementations should define both the scope of a
   credential handle and the scope of a credential itself (which must be
   at least as wide as that of a handle). Possibilities for credential
   handle scope include the process that acquired the handle, the
   acquiring process and its children, or all processes sharing some
   local identification information (e.g., UID). If no handles exist by
   which a given credential may be reached, the GSSAPI may delete the
   credential.

   Certain routines allow credential handle parameters to be omitted to
   indicate the use of a default credential. The mechanism by which a
   default credential is established and its scope should be defined by
   the individual GSSAPI implementation.

4.1.7. Contexts

   The gss_ctx_id_t data type contains a caller-opaque value that
   identifies one end of a GSSAPI security context. Depending on the
   implementation, a given gss_ctx_id_t value may refer to different
   GSSAPI security contexts when presented to the GSSAPI by different
   callers. The security context holds state information about each end
   of a peer communication, including cryptographic state information.
   Individual GSSAPI implementations should define the scope of a
   context. Since no way is provided by which a new gss_ctx_id_t value
   may be obtained for an existing context, the scope of a context
   should be the same as the scope of a gss_ctx_id_t.

4.1.8. Authentication tokens

   A token is a caller-opaque type that GSSAPI uses to maintain
   synchronization between the context data structures at each end of a
   GSSAPI security context.
   The token is a cryptographically protected
   bit-string, generated by the underlying mechanism at one end of a
   GSSAPI security context for use by the peer mechanism at the other
   end. Encapsulation (if required) and transfer of the token are the
   responsibility of the peer applications. A token is passed between
   the GSSAPI and the application using the gss_buffer_t conventions.

4.1.9. Status values

   One or more status codes are returned by each GSSAPI routine. Two
   distinct sorts of status codes are returned. These are termed GSS
   status codes and Mechanism status codes.

4.1.9.1. GSS status codes

   GSSAPI routines return GSS status codes as their OM_uint32 function
   value. These codes indicate errors that are independent of the
   underlying mechanism used to provide the security service. The
   errors that can be indicated via a GSS status code are either generic
   API routine errors (errors that are defined in the GSSAPI
   specification) or calling errors (errors that are specific to these
   bindings).

   A GSS status code can indicate a single fatal generic API error from
   the routine and a single calling error. In addition, supplementary
   status information may be indicated via the setting of bits in the
   supplementary info field of a GSS status code.

   These errors are encoded into the 32-bit GSS status code as follows:

      MSB                                                        LSB
      |------------------------------------------------------------|
      |Calling Error |Routine Error |      Supplementary Info      |
      |------------------------------------------------------------|
   Bit 31          24 23          16 15                            0

   Hence if a GSSAPI routine returns a GSS status code whose upper 16
   bits contain a non-zero value, the call failed. If the calling error
   field is non-zero, the invoking application's call of the routine was
   erroneous. Calling errors are defined in table 5-1.
   If the routine
   error field is non-zero, the routine failed for one of the routine-
   specific reasons listed below in table 5-2. Whether or not the upper
   16 bits indicate a failure or a success, the routine may indicate
   additional information by setting bits in the supplementary info
   field of the status code. The meaning of individual bits is listed
   below in table 5-3.

   Table 5-1 Calling Errors

   Name                           Value in  Meaning
                                  Field
   GSS_S_CALL_INACCESSIBLE_READ   1         A required input parameter
                                            could not be read.
   GSS_S_CALL_INACCESSIBLE_WRITE  2         A required output parameter
                                            could not be written.
   GSS_S_CALL_BAD_STRUCTURE       3         A parameter was malformed

   Table 5-2 Routine Errors

   Name                         Value in  Meaning
                                Field
   GSS_S_BAD_MECH               1         An unsupported mechanism was
                                          requested
   GSS_S_BAD_NAME               2         An invalid name was supplied
   GSS_S_BAD_NAMETYPE           3         A supplied name was of an
                                          unsupported type
   GSS_S_BAD_BINDINGS           4         Incorrect channel bindings
                                          were supplied
   GSS_S_BAD_STATUS             5         An invalid status code was
                                          supplied
   GSS_S_BAD_SIG                6         A token had an invalid
                                          signature
   GSS_S_NO_CRED                7         No credentials were supplied
   GSS_S_NO_CONTEXT             8         No context has been
                                          established
   GSS_S_DEFECTIVE_TOKEN        9         A token was invalid
   GSS_S_DEFECTIVE_CREDENTIAL   10        A credential was invalid
   GSS_S_CREDENTIALS_EXPIRED    11        The referenced credentials
                                          have expired
   GSS_S_CONTEXT_EXPIRED        12        The context has expired
   GSS_S_FAILURE                13        Miscellaneous failure
                                          (see text)

   Table 5-3 Supplementary Status Bits

   Name                    Bit Number  Meaning
   GSS_S_CONTINUE_NEEDED   0 (LSB)     The routine must be called
                                       again to complete its function.
                                       See routine documentation for
                                       detailed description.
   GSS_S_DUPLICATE_TOKEN   1           The token was a duplicate of
                                       an earlier token
   GSS_S_OLD_TOKEN         2           The token's validity period
                                       has expired
   GSS_S_UNSEQ_TOKEN       3           A later token has already been
                                       processed

   The routine documentation also uses the name GSS_S_COMPLETE, which is
   a zero value, to indicate an absence of any API errors or
   supplementary information bits.

   All GSS_S_xxx symbols equate to complete OM_uint32 status codes,
   rather than to bitfield values. For example, the actual value of the
   symbol GSS_S_BAD_NAMETYPE (value 3 in the routine error field) is
   3 << 16.

   The macros GSS_CALLING_ERROR(), GSS_ROUTINE_ERROR() and
   GSS_SUPPLEMENTARY_INFO() are provided, each of which takes a GSS
   status code and removes all but the relevant field. For example, the
   value obtained by applying GSS_ROUTINE_ERROR to a status code removes
   the calling errors and supplementary info fields, leaving only the
   routine errors field. The values delivered by these macros may be
   directly compared with a GSS_S_xxx symbol of the appropriate type.
   The macro GSS_ERROR() is also provided, which when applied to a GSS
   status code returns a non-zero value if the status code indicated a
   calling or routine error, and a zero value otherwise.

   A GSSAPI implementation may choose to signal calling errors in a
   platform-specific manner instead of, or in addition to the routine
   value; routine errors and supplementary info should be returned via
   routine status values only.

4.1.9.2. Mechanism-specific status codes

   GSSAPI routines return a minor_status parameter, which is used to
   indicate specialized errors from the underlying security mechanism.
   This parameter may contain a single mechanism-specific error,
   indicated by an OM_uint32 value.
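
   The status-code layout of section 4.1.9.1 and the minor_status
   convention above, as an added C example (not the draft's own code):
   the GSS_S_xxx symbols and the GSS_CALLING_ERROR, GSS_ROUTINE_ERROR,
   GSS_SUPPLEMENTARY_INFO and GSS_ERROR macros built from the 32-bit
   diagram, plus a decoder for the (major, minor) pair every routine
   returns. The mask and offset constants, gss_status_summary,
   gss_status_explain and gss_needs_another_round are this example's own
   names, not identifiers defined by the draft.

```c
/* Added example, not part of the draft: the 32-bit GSS status code of
 * section 4.1.9.1 as macros, and a decoder for (major, minor) results. */
#include <stdint.h>
#include <stdio.h>

typedef uint32_t OM_uint32;

/* Field positions from the diagram: calling error in bits 31-24, routine
 * error in bits 23-16, supplementary info in bits 15-0. (Own names.) */
#define GSS_C_CALLING_ERROR_OFFSET   24
#define GSS_C_ROUTINE_ERROR_OFFSET   16
#define GSS_C_SUPPLEMENTARY_OFFSET    0
#define GSS_C_CALLING_ERROR_MASK   0xffU
#define GSS_C_ROUTINE_ERROR_MASK   0xffU
#define GSS_C_SUPPLEMENTARY_MASK 0xffffU

/* The draft's field-extraction macros: keep one field, drop the rest. */
#define GSS_CALLING_ERROR(x) \
    ((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
#define GSS_ROUTINE_ERROR(x) \
    ((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
#define GSS_SUPPLEMENTARY_INFO(x) \
    ((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
/* Non-zero iff the upper 16 bits (calling or routine error) are set. */
#define GSS_ERROR(x) \
    ((x) & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \
            (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)))

/* Complete OM_uint32 status codes, as the draft requires, not bitfield
 * values: GSS_S_BAD_NAMETYPE really is 3 << 16. Values follow tables
 * 5-1, 5-2 and 5-3. */
#define GSS_S_COMPLETE                  0U
#define GSS_S_CALL_INACCESSIBLE_READ  (1U << GSS_C_CALLING_ERROR_OFFSET)
#define GSS_S_CALL_INACCESSIBLE_WRITE (2U << GSS_C_CALLING_ERROR_OFFSET)
#define GSS_S_CALL_BAD_STRUCTURE      (3U << GSS_C_CALLING_ERROR_OFFSET)
#define GSS_S_BAD_MECH                (1U << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_NAME                (2U << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_NAMETYPE            (3U << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_BINDINGS            (4U << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_STATUS              (5U << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_BAD_SIG                 (6U << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_NO_CRED                 (7U << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_NO_CONTEXT              (8U << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DEFECTIVE_TOKEN         (9U << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DEFECTIVE_CREDENTIAL   (10U << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_CREDENTIALS_EXPIRED    (11U << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_CONTEXT_EXPIRED        (12U << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_FAILURE                (13U << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_CONTINUE_NEEDED (1U << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
#define GSS_S_DUPLICATE_TOKEN (1U << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
#define GSS_S_OLD_TOKEN       (1U << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
#define GSS_S_UNSEQ_TOKEN     (1U << (GSS_C_SUPPLEMENTARY_OFFSET + 3))

/* Decoded view of one call's result (own type, not from the draft). */
typedef struct {
    unsigned calling_error;    /* 0..3, table 5-1 */
    unsigned routine_error;    /* 0..13, table 5-2 */
    unsigned supplementary;    /* bit set from table 5-3 */
    int failed;                /* GSS_ERROR() != 0 */
    int consult_minor;         /* GSS_S_FAILURE: only minor_status explains */
} gss_status_summary;

gss_status_summary gss_status_explain(OM_uint32 major, OM_uint32 minor)
{
    gss_status_summary s;
    s.calling_error = GSS_CALLING_ERROR(major) >> GSS_C_CALLING_ERROR_OFFSET;
    s.routine_error = GSS_ROUTINE_ERROR(major) >> GSS_C_ROUTINE_ERROR_OFFSET;
    s.supplementary = GSS_SUPPLEMENTARY_INFO(major);
    s.failed = GSS_ERROR(major) != 0;
    /* Section 4.1.9.2: GSS_S_FAILURE means no specific GSS code applies
     * and the mechanism status code carries the detail. */
    s.consult_minor = GSS_ROUTINE_ERROR(major) == GSS_S_FAILURE;
    if (s.consult_minor)
        fprintf(stderr, "mechanism-specific error: minor_status=%lu\n",
                (unsigned long)minor);
    return s;
}

/* A success may still carry supplementary bits: GSS_S_COMPLETE with
 * GSS_S_CONTINUE_NEEDED set is not an error, it means "call again".
 * Masking with GSS_ERROR() first keeps a real error from being mistaken
 * for a continuation request. */
int gss_needs_another_round(OM_uint32 major)
{
    return !GSS_ERROR(major) &&
           (GSS_SUPPLEMENTARY_INFO(major) & GSS_S_CONTINUE_NEEDED) != 0;
}
```
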
   The minor_status parameter will
   always be set by a GSSAPI routine, even if it returns a calling error
   or one of the generic API errors indicated above as fatal, although
   other output parameters may remain unset in such cases.

   The GSS status code GSS_S_FAILURE is used to indicate that the
   underlying mechanism detected an error for which no specific GSS
   status code is defined. The mechanism status code will provide more
   details about the error.

4.1.10. Names

   A name is used to identify a person or entity. GSSAPI authenticates
   the relationship between a name and the entity claiming the name.

   Two distinct representations are defined for names:

   (a) A printable form, for presentation to a user

   (b) An API form, for presentation at the API

   The syntax of a printable name is defined by the GSSAPI
   implementation, and may be dependent on local system configuration,
   or on individual user preference. The API form provides a canonical
   representation of the name that is independent of configuration.

   A given GSSAPI implementation may support names drawn from multiple
   namespaces. In such an implementation, the API form of the name must
   include fields that identify the namespace from which the name is
   drawn. The namespace from which a printable name is drawn is
   specified by an accompanying object identifier.

   Routines (gss_import_name and gss_display_name) are provided to
   convert names between their printable representations and the
   gss_name_t type. gss_import_name may support multiple syntaxes for
   each supported namespace, allowing users the freedom to choose a
   preferred name representation. gss_display_name should use an
   implementation-chosen preferred syntax for each supported name-type.

   Comparison of API-format names is accomplished via the
   gss_compare_name routine.
   This removes the need for the application
   program to understand the syntaxes of the various printable names
   that a given GSSAPI implementation may support.

   Storage is allocated by routines that return gss_name_t values. A
   procedure, gss_release_name, is provided to free storage associated
   with a name.

4.1.11. Channel Bindings

   GSSAPI supports the use of user-specified tags to identify a given
   context to the peer application. These tags are used to identify the
   particular communications channel that carries the context. Channel
   bindings are communicated to the GSSAPI using the following
   structure:

      typedef struct gss_channel_bindings_struct {
         OM_uint32 initiator_addrtype;
         gss_buffer_desc initiator_address;
         OM_uint32 acceptor_addrtype;
         gss_buffer_desc acceptor_address;
         gss_buffer_desc application_data;
      } *gss_channel_bindings_t;

   The initiator_addrtype and acceptor_addrtype fields denote the type
   of addresses contained in the initiator_address and acceptor_address
   buffers.
   The address type should be one of the following:

      GSS_C_AF_UNSPEC     Unspecified address type
      GSS_C_AF_LOCAL      Host-local address type
      GSS_C_AF_INET       DARPA Internet address type
      GSS_C_AF_IMPLINK    ARPAnet IMP address type (eg IP)
      GSS_C_AF_PUP        pup protocols (eg BSP) address type
      GSS_C_AF_CHAOS      MIT CHAOS protocol address type
      GSS_C_AF_NS         XEROX NS address type
      GSS_C_AF_NBS        nbs address type
      GSS_C_AF_ECMA       ECMA address type
      GSS_C_AF_DATAKIT    datakit protocols address type
      GSS_C_AF_CCITT      CCITT protocols (eg X.25)
      GSS_C_AF_SNA        IBM SNA address type
      GSS_C_AF_DECnet     DECnet address type
      GSS_C_AF_DLI        Direct data link interface address type
      GSS_C_AF_LAT        LAT address type
      GSS_C_AF_HYLINK     NSC Hyperchannel address type
      GSS_C_AF_APPLETALK  AppleTalk address type
      GSS_C_AF_BSC        BISYNC 2780/3780 address type
      GSS_C_AF_DSS        Distributed system services address type
      GSS_C_AF_OSI        OSI TP4 address type
      GSS_C_AF_X25        X25
      GSS_C_AF_NULLADDR   No address specified

   Note that these name address families rather than specific addressing
   formats. For address families that contain several alternative
   address forms, the initiator_address and acceptor_address fields must
   contain sufficient information to determine which address form is
   used. When not otherwise specified, addresses should be specified in
   network byte-order.

   Conceptually, the GSSAPI concatenates the initiator_addrtype,
   initiator_address, acceptor_addrtype, acceptor_address and
   application_data to form an octet string. The mechanism signs this
   octet string, and binds the signature to the context establishment
   token emitted by gss_init_sec_context. The same bindings are
   presented by the context acceptor to gss_accept_sec_context, and a
   signature is calculated in the same way.
The calculated signature is 565 compared with that found in the token, and if the signatures differ, 566 gss_accept_sec_context will return a GSS_S_BAD_BINDINGS error, and 567 the context will not be established. Some mechanisms may include the 568 actual channel binding data in the token (rather than just a 569 signature); applications should therefore not use confidential data 570 as channel-binding components. Individual mechanisms may impose 571 additional constraints on addresses and address types that may appear 572 in channel bindings. For example, a mechanism may verify that the 573 initiator_address field of the channel bindings presented to 574 gss_init_sec_context contains the correct network address of the host 575 system. 577 4.1.12. Optional parameters 579 Various parameters are described as optional. This means that they 580 follow a convention whereby a default value may be requested. The 581 following conventions are used for omitted parameters. These 582 conventions apply only to those parameters that are explicitly 583 documented as optional. 585 4.1.12.1. gss_buffer_t types 587 Specify GSS_C_NO_BUFFER as a value. For an input parameter this 588 signifies that default behavior is requested, while for an output 589 parameter it indicates that the information that would be returned 590 via the parameter is not required by the application. 592 4.1.12.2. Integer types (input) 594 Individual parameter documentation lists values to be used to 595 indicate default actions. 597 4.1.12.3. Integer types (output) 599 Specify NULL as the value for the pointer. 601 4.1.12.4. Pointer types 603 Specify NULL as the value. 605 4.1.12.5. Object IDs 607 Specify GSS_C_NULL_OID as the value. 609 4.1.12.6. Object ID Sets 611 Specify GSS_C_NULL_OID_SET as the value. 613 4.1.12.7. Credentials 615 Specify GSS_C_NO_CREDENTIAL to use the default credential handle. 617 4.1.12.8. 
Channel Bindings 619 Specify GSS_C_NO_CHANNEL_BINDINGS to indicate that channel bindings 620 are not to be used. 622 5. GSSAPI routine descriptions 624 5.1. gss_acquire_cred 626 OM_uint32 gss_acquire_cred ( 627 OM_uint32 * minor_status, 628 gss_name_t desired_name, 629 OM_uint32 time_req, 630 gss_OID_set desired_mechs, 631 int cred_usage, 632 gss_cred_id_t * output_cred_handle, 633 gss_OID_set * actual_mechs, 634 OM_int32 * time_rec) 635 Purpose: 637 Allows an application to acquire a handle for a pre-existing 638 credential by name. GSSAPI implementations must impose a local 639 access-control policy on callers of this routine to prevent 640 unauthorized callers from acquiring credentials to which they are not 641 entitled. This routine is not intended to provide a ``login to the 642 network'' function, as such a function would result in the creation 643 of new credentials rather than merely acquiring a handle to existing 644 credentials. Such functions, if required, should be defined in 645 implementation-specific extensions to the API. 647 If credential acquisition is time-consuming for a mechanism, the 648 mechanism may chooses to delay the actual acquisition until the 649 credential is required (e.g. by gss_init_sec_context or 650 gss_accept_sec_context). Such mechanism-specific implementation 651 decisions should be invisible to the calling application; thus a call 652 of gss_inquire_cred immediately following the call of 653 gss_acquire_cred must return valid credential data, and may therefore 654 incur the overhead of a deferred credential acquisition. 656 Parameters: 658 desired_name gss_name_t, read 659 Name of principal whose credential 660 should be acquired 662 time_req integer, read 663 number of seconds that credentials 664 should remain valid 666 desired_mechs Set of Object IDs, read 667 set of underlying security mechanisms that 668 may be used. GSS_C_NULL_OID_SET may be used 669 to obtain an implementation-specific default. 
   cred_usage          integer, read
                       GSS_C_BOTH - Credentials may be used either to
                                    initiate or accept security
                                    contexts.
                       GSS_C_INITIATE - Credentials will only be used
                                        to initiate security contexts.
                       GSS_C_ACCEPT - Credentials will only be used to
                                      accept security contexts.

   output_cred_handle  gss_cred_id_t, modify
                       The returned credential handle.

   actual_mechs        Set of Object IDs, modify, optional
                       The set of mechanisms for which the credential
                       is valid.  Specify NULL if not required.

   time_rec            Integer, modify, optional
                       Actual number of seconds for which the returned
                       credentials will remain valid.  If the
                       implementation does not support expiration of
                       credentials, the value GSS_C_INDEFINITE will be
                       returned.  Specify NULL if not required.

   minor_status        Integer, modify
                       Mechanism specific status code.

   Function value:

   GSS status code:

   GSS_S_COMPLETE      Successful completion

   GSS_S_BAD_MECH      Unavailable mechanism requested

   GSS_S_BAD_NAMETYPE  Type contained within desired_name parameter is
                       not supported

   GSS_S_BAD_NAME      Value supplied for desired_name parameter is
                       ill-formed.

   GSS_S_FAILURE       Unspecified failure.  The minor_status parameter
                       contains more detailed information

5.2. gss_release_cred

   OM_uint32 gss_release_cred (
       OM_uint32 *      minor_status,
       gss_cred_id_t *  cred_handle)

   Purpose:

   Informs GSSAPI that the specified credential handle is no longer
   required by the process.  When all processes have released a
   credential, it will be deleted.

   Parameters:

   cred_handle         gss_cred_id_t, modify, optional
                       Buffer containing opaque credential handle.  If
                       GSS_C_NO_CREDENTIAL is supplied, the default
                       credential will be released.

   minor_status        integer, modify
                       Mechanism specific status code.

   Function value:

   GSS status code:

   GSS_S_COMPLETE      Successful completion

   GSS_S_NO_CRED       Credentials could not be accessed.

5.3. gss_init_sec_context

   OM_uint32 gss_init_sec_context (
       OM_uint32 *             minor_status,
       gss_cred_id_t           claimant_cred_handle,
       gss_ctx_id_t *          context_handle,
       gss_name_t              target_name,
       gss_OID                 mech_type,
       int                     req_flags,
       int                     time_req,
       gss_channel_bindings_t  input_chan_bindings,
       gss_buffer_t            input_token,
       gss_OID *               actual_mech_type,
       gss_buffer_t            output_token,
       int *                   ret_flags,
       OM_uint32 *             time_rec )

   Purpose:

   Initiates the establishment of a security context between the
   application and a remote peer.  Initially, the input_token parameter
   should be specified as GSS_C_NO_BUFFER.  The routine may return an
   output_token which should be transferred to the peer application,
   where the peer application will present it to gss_accept_sec_context.
   If no token need be sent, gss_init_sec_context will indicate this by
   setting the length field of the output_token argument to zero.  To
   complete the context establishment, one or more reply tokens may be
   required from the peer application; if so, gss_init_sec_context will
   return a status indicating GSS_S_CONTINUE_NEEDED, in which case it
   should be called again when the reply token is received from the
   peer application, passing the token to gss_init_sec_context via the
   input_token parameter.

   The values returned via the ret_flags and time_rec parameters are
   not defined unless the routine returns GSS_S_COMPLETE.

   Parameters:

   claimant_cred_handle  gss_cred_id_t, read, optional
                       Handle for credentials claimed.  Supply
                       GSS_C_NO_CREDENTIAL to use default credentials.

   context_handle      gss_ctx_id_t, read/modify
                       Context handle for new context.  Supply
                       GSS_C_NO_CONTEXT for first call; use value
                       returned by first call in continuation calls.

   target_name         gss_name_t, read
                       Name of target

   mech_type           OID, read, optional
                       Object ID of desired mechanism.  Supply
                       GSS_C_NULL_OID to obtain an implementation
                       specific default

   req_flags           bit-mask, read
                       Contains four independent flags, each of which
                       requests that the context support a specific
                       service option.  Symbolic names are provided for
                       each flag, and the symbolic names corresponding
                       to the required flags should be logically-ORed
                       together to form the bit-mask value.  The flags
                       are:

                       GSS_C_DELEG_FLAG
                         True  - Delegate credentials to remote peer
                         False - Don't delegate
                       GSS_C_MUTUAL_FLAG
                         True  - Request that remote peer authenticate
                                 itself
                         False - Authenticate self to remote peer only
                       GSS_C_REPLAY_FLAG
                         True  - Enable replay detection for signed or
                                 sealed messages
                         False - Don't attempt to detect replayed
                                 messages
                       GSS_C_SEQUENCE_FLAG
                         True  - Enable detection of out-of-sequence
                                 signed or sealed messages
                         False - Don't attempt to detect
                                 out-of-sequence messages

   time_req            integer, read
                       Desired number of seconds for which context
                       should remain valid.  Supply 0 to request a
                       default validity period.

   input_chan_bindings channel bindings, read
                       Application-specified bindings.  Allows
                       application to securely bind channel
                       identification information to the security
                       context.

   input_token         buffer, opaque, read, optional (see text)
                       Token received from peer application.  Supply
                       GSS_C_NO_BUFFER on initial call.

   actual_mech_type    OID, modify
                       Actual mechanism used.

   output_token        buffer, opaque, modify
                       Token to be sent to peer application.  If the
                       length field of the returned buffer is zero, no
                       token need be sent to the peer application.

   ret_flags           bit-mask, modify
                       Contains six independent flags, each of which
                       indicates that the context supports a specific
                       service option.  Symbolic names are provided for
                       each flag, and the symbolic names corresponding
                       to the required flags should be logically-ANDed
                       with the ret_flags value to test whether a given
                       option is supported by the context.  The flags
                       are:

                       GSS_C_DELEG_FLAG
                         True  - Credentials were delegated to the
                                 remote peer
                         False - No credentials were delegated
                       GSS_C_MUTUAL_FLAG
                         True  - Remote peer has been asked to
                                 authenticate itself
                         False - Remote peer has not been asked to
                                 authenticate itself
                       GSS_C_REPLAY_FLAG
                         True  - Replay of signed or sealed messages
                                 will be detected
                         False - Replayed messages will not be detected
                       GSS_C_SEQUENCE_FLAG
                         True  - Out-of-sequence signed or sealed
                                 messages will be detected
                         False - Out-of-sequence messages will not be
                                 detected
                       GSS_C_CONF_FLAG
                         True  - Confidentiality service may be invoked
                                 by calling seal routine
                         False - No confidentiality service (via seal)
                                 available.  seal will provide message
                                 encapsulation, data-origin
                                 authentication and integrity services
                                 only.
                       GSS_C_INTEG_FLAG
                         True  - Integrity service may be invoked by
                                 calling either gss_sign or gss_seal
                                 routines.
                         False - Per-message integrity service
                                 unavailable.

   time_rec            integer, modify, optional
                       Number of seconds for which the context will
                       remain valid.  If the implementation does not
                       support credential expiration, the value
                       GSS_C_INDEFINITE will be returned.  Specify NULL
                       if not required.

   minor_status        integer, modify
                       Mechanism specific status code.

   Function value:

   GSS status code:

   GSS_S_COMPLETE      Successful completion

   GSS_S_CONTINUE_NEEDED  Indicates that a token from the peer
                       application is required to complete the context,
                       and that gss_init_sec_context must be called
                       again with that token.
   GSS_S_DEFECTIVE_TOKEN  Indicates that consistency checks performed
                       on the input_token failed

   GSS_S_DEFECTIVE_CREDENTIAL  Indicates that consistency checks
                       performed on the credential failed.

   GSS_S_NO_CRED       The supplied credentials were not valid for
                       context initiation, or the credential handle did
                       not reference any credentials.

   GSS_S_CREDENTIALS_EXPIRED  The referenced credentials have expired

   GSS_S_BAD_BINDINGS  The input_token contains different channel
                       bindings to those specified via the
                       input_chan_bindings parameter

   GSS_S_BAD_SIG       The input_token contains an invalid signature,
                       or a signature that could not be verified

   GSS_S_OLD_TOKEN     The input_token was too old.  This is a fatal
                       error during context establishment

   GSS_S_DUPLICATE_TOKEN  The input_token is valid, but is a duplicate
                       of a token already processed.  This is a fatal
                       error during context establishment.

   GSS_S_NO_CONTEXT    Indicates that the supplied context handle did
                       not refer to a valid context

   GSS_S_BAD_NAMETYPE  The provided target_name parameter contained an
                       invalid or unsupported type of name

   GSS_S_BAD_NAME      The provided target_name parameter was
                       ill-formed.

   GSS_S_FAILURE       Failure.  See minor_status for more information

5.4. gss_accept_sec_context

   OM_uint32 gss_accept_sec_context (
       OM_uint32 *             minor_status,
       gss_ctx_id_t *          context_handle,
       gss_cred_id_t           verifier_cred_handle,
       gss_buffer_t            input_token_buffer,
       gss_channel_bindings_t  input_chan_bindings,
       gss_name_t *            src_name,
       gss_OID *               mech_type,
       gss_buffer_t            output_token,
       int *                   ret_flags,
       OM_uint32 *             time_rec,
       gss_cred_id_t *         delegated_cred_handle)

   Purpose:

   Allows a remotely initiated security context between the application
   and a remote peer to be established.  The routine may return an
   output_token which should be transferred to the peer application,
   where the peer application will present it to gss_init_sec_context.
   If no token need be sent, gss_accept_sec_context will indicate this
   by setting the length field of the output_token argument to zero.
   To complete the context establishment, one or more reply tokens may
   be required from the peer application; if so, gss_accept_sec_context
   will return a status flag of GSS_S_CONTINUE_NEEDED, in which case it
   should be called again when the reply token is received from the
   peer application, passing the token to gss_accept_sec_context via
   the input_token_buffer parameter.

   The values returned via the src_name, ret_flags, time_rec, and
   delegated_cred_handle parameters are not defined unless the routine
   returns GSS_S_COMPLETE.

   Parameters:

   context_handle      gss_ctx_id_t, read/modify
                       Context handle for new context.  Supply
                       GSS_C_NO_CONTEXT for first call; use the value
                       returned by the first call in subsequent calls.

   verifier_cred_handle  gss_cred_id_t, read, optional
                       Credential handle claimed by context acceptor.
                       Specify GSS_C_NO_CREDENTIAL to use default
                       credentials.  If GSS_C_NO_CREDENTIAL is
                       specified, but the caller has no default
                       credentials established, an
                       implementation-defined default credential may be
                       used.

   input_token_buffer  buffer, opaque, read
                       Token obtained from remote application

   input_chan_bindings channel bindings, read
                       Application-specified bindings.  Allows
                       application to securely bind channel
                       identification information to the security
                       context.

   src_name            gss_name_t, modify, optional
                       Authenticated name of context initiator.  After
                       use, this name should be deallocated by passing
                       it to gss_release_name.  If not required,
                       specify NULL.

   mech_type           Object ID, modify
                       Security mechanism used.  The returned OID value
                       will be a pointer into static storage, and
                       should be treated as read-only by the caller.

   output_token        buffer, opaque, modify
                       Token to be passed to peer application.  If the
                       length field of the returned token buffer is 0,
                       then no token need be passed to the peer
                       application.

   ret_flags           bit-mask, modify
                       Contains six independent flags, each of which
                       indicates that the context supports a specific
                       service option.  Symbolic names are provided for
                       each flag, and the symbolic names corresponding
                       to the required flags should be logically-ANDed
                       with the ret_flags value to test whether a given
                       option is supported by the context.  The flags
                       are:

                       GSS_C_DELEG_FLAG
                         True  - Delegated credentials are available
                                 via the delegated_cred_handle
                                 parameter
                         False - No credentials were delegated
                       GSS_C_MUTUAL_FLAG
                         True  - Remote peer asked for mutual
                                 authentication
                         False - Remote peer did not ask for mutual
                                 authentication
                       GSS_C_REPLAY_FLAG
                         True  - Replay of signed or sealed messages
                                 will be detected
                         False - Replayed messages will not be detected
                       GSS_C_SEQUENCE_FLAG
                         True  - Out-of-sequence signed or sealed
                                 messages will be detected
                         False - Out-of-sequence messages will not be
                                 detected
                       GSS_C_CONF_FLAG
                         True  - Confidentiality service may be invoked
                                 by calling seal routine
                         False - No confidentiality service (via seal)
                                 available.  seal will provide message
                                 encapsulation, data-origin
                                 authentication and integrity services
                                 only.
                       GSS_C_INTEG_FLAG
                         True  - Integrity service may be invoked by
                                 calling either gss_sign or gss_seal
                                 routines.
                         False - Per-message integrity service
                                 unavailable.

   time_rec            integer, modify, optional
                       Number of seconds for which the context will
                       remain valid.  Specify NULL if not required.

   delegated_cred_handle  gss_cred_id_t, modify
                       Credential handle for credentials received from
                       context initiator.  Only valid if
                       GSS_C_DELEG_FLAG in ret_flags is true.

   minor_status        integer, modify
                       Mechanism specific status code.

   Function value:

   GSS status code:

   GSS_S_COMPLETE      Successful completion

   GSS_S_CONTINUE_NEEDED  Indicates that a token from the peer
                       application is required to complete the context,
                       and that gss_accept_sec_context must be called
                       again with that token.

   GSS_S_DEFECTIVE_TOKEN  Indicates that consistency checks performed
                       on the input_token failed.

   GSS_S_DEFECTIVE_CREDENTIAL  Indicates that consistency checks
                       performed on the credential failed.

   GSS_S_NO_CRED       The supplied credentials were not valid for
                       context acceptance, or the credential handle did
                       not reference any credentials.

   GSS_S_CREDENTIALS_EXPIRED  The referenced credentials have expired.

   GSS_S_BAD_BINDINGS  The input_token contains different channel
                       bindings to those specified via the
                       input_chan_bindings parameter.

   GSS_S_NO_CONTEXT    Indicates that the supplied context handle did
                       not refer to a valid context.

   GSS_S_BAD_SIG       The input_token contains an invalid signature.

   GSS_S_OLD_TOKEN     The input_token was too old.  This is a fatal
                       error during context establishment.

   GSS_S_DUPLICATE_TOKEN  The input_token is valid, but is a duplicate
                       of a token already processed.  This is a fatal
                       error during context establishment.

   GSS_S_FAILURE       Failure.  See minor_status for more information.

5.5. gss_process_context_token

   OM_uint32 gss_process_context_token (
       OM_uint32 *      minor_status,
       gss_ctx_id_t     context_handle,
       gss_buffer_t     token_buffer)

   Purpose:

   Provides a way to pass a token to the security service.
   Usually, tokens are associated either with context establishment
   (when they would be passed to gss_init_sec_context or
   gss_accept_sec_context) or with per-message security service (when
   they would be passed to gss_verify or gss_unseal).  Occasionally,
   tokens may be received at other times, and gss_process_context_token
   allows such tokens to be passed to the underlying security service
   for processing.  At present, such additional tokens may only be
   generated by gss_delete_sec_context.  A GSSAPI implementation may
   use this service to implement deletion of the security context.

   Parameters:

   context_handle      gss_ctx_id_t, read
                       Context handle of context on which token is to
                       be processed

   token_buffer        buffer, opaque, read
                       Pointer to first byte of token to process

   minor_status        integer, modify
                       Implementation specific status code.

   Function value:

   GSS status code:

   GSS_S_COMPLETE      Successful completion

   GSS_S_DEFECTIVE_TOKEN  Indicates that consistency checks performed
                       on the token failed

   GSS_S_FAILURE       Failure.  See minor_status for more information

   GSS_S_NO_CONTEXT    The context_handle did not refer to a valid
                       context

5.6. gss_delete_sec_context

   OM_uint32 gss_delete_sec_context (
       OM_uint32 *      minor_status,
       gss_ctx_id_t *   context_handle,
       gss_buffer_t     output_token)

   Purpose:

   Delete a security context.  gss_delete_sec_context will delete the
   local data structures associated with the specified security
   context, and generate an output_token, which when passed to the peer
   gss_process_context_token will instruct it to do likewise.  No
   further security services may be obtained using the context
   specified by context_handle.

   Parameters:

   minor_status        integer, modify
                       Mechanism specific status code.

   context_handle      gss_ctx_id_t, modify
                       Context handle identifying context to delete.

   output_token        buffer, opaque, modify
                       Token to be sent to remote application to
                       instruct it to also delete the context

   Function value:

   GSS status code:

   GSS_S_COMPLETE      Successful completion

   GSS_S_FAILURE       Failure, see minor_status for more information

   GSS_S_NO_CONTEXT    No valid context was supplied

5.7. gss_context_time

   OM_uint32 gss_context_time (
       OM_uint32 *      minor_status,
       gss_ctx_id_t     context_handle,
       OM_uint32 *      time_rec)

   Purpose:

   Determines the number of seconds for which the specified context
   will remain valid.

   Parameters:

   minor_status        integer, modify
                       Implementation specific status code.

   context_handle      gss_ctx_id_t, read
                       Identifies the context to be interrogated.

   time_rec            integer, modify
                       Number of seconds that the context will remain
                       valid.  If the context has already expired, zero
                       will be returned.

   Function value:

   GSS status code:

   GSS_S_COMPLETE      Successful completion

   GSS_S_CONTEXT_EXPIRED  The context has already expired

   GSS_S_CREDENTIALS_EXPIRED  The context is recognized, but associated
                       credentials have expired

   GSS_S_NO_CONTEXT    The context_handle parameter did not identify a
                       valid context

5.8. gss_sign

   OM_uint32 gss_sign (
       OM_uint32 *      minor_status,
       gss_ctx_id_t     context_handle,
       int              qop_req,
       gss_buffer_t     message_buffer,
       gss_buffer_t     msg_token)

   Purpose:

   Generates a cryptographic signature for the supplied message, and
   places the signature in a token for transfer to the peer
   application.  The qop_req parameter allows a choice between several
   cryptographic algorithms, if supported by the chosen mechanism.

   Parameters:

   minor_status        integer, modify
                       Implementation specific status code.

   context_handle      gss_ctx_id_t, read
                       Identifies the context on which the message will
                       be sent

   qop_req             integer, read, optional
                       Specifies requested quality of protection.
                       Callers are encouraged, on portability grounds,
                       to accept the default quality of protection
                       offered by the chosen mechanism, which may be
                       requested by specifying GSS_C_QOP_DEFAULT for
                       this parameter.  If an unsupported protection
                       strength is requested, gss_sign will return a
                       major_status of GSS_S_FAILURE.

   message_buffer      buffer, opaque, read
                       Message to be signed

   msg_token           buffer, opaque, modify
                       Buffer to receive token

   Function value:

   GSS status code:

   GSS_S_COMPLETE      Successful completion

   GSS_S_CONTEXT_EXPIRED  The context has already expired

   GSS_S_CREDENTIALS_EXPIRED  The context is recognized, but associated
                       credentials have expired

   GSS_S_NO_CONTEXT    The context_handle parameter did not identify a
                       valid context

   GSS_S_FAILURE       Failure.  See minor_status for more information.

5.9. gss_verify

   OM_uint32 gss_verify (
       OM_uint32 *      minor_status,
       gss_ctx_id_t     context_handle,
       gss_buffer_t     message_buffer,
       gss_buffer_t     token_buffer,
       int *            qop_state)

   Purpose:

   Verifies that a cryptographic signature, contained in the token
   parameter, fits the supplied message.  The qop_state parameter
   allows a message recipient to determine the strength of protection
   that was applied to the message.

   Parameters:

   minor_status        integer, modify
                       Mechanism specific status code.

   context_handle      gss_ctx_id_t, read
                       Identifies the context on which the message
                       arrived

   message_buffer      buffer, opaque, read
                       Message to be verified

   token_buffer        buffer, opaque, read
                       Token associated with message

   qop_state           integer, modify
                       Quality of protection gained from signature

   Function value:

   GSS status code:

   GSS_S_COMPLETE      Successful completion

   GSS_S_DEFECTIVE_TOKEN  The token failed consistency checks

   GSS_S_BAD_SIG       The signature was incorrect

   GSS_S_DUPLICATE_TOKEN  The token was valid, and contained a correct
                       signature for the message, but it had already
                       been processed

   GSS_S_OLD_TOKEN     The token was valid, and contained a correct
                       signature for the message, but it is too old

   GSS_S_UNSEQ_TOKEN   The token was valid, and contained a correct
                       signature for the message, but has been verified
                       out of sequence; an earlier token has been
                       signed or sealed by the remote application, but
                       not yet been processed locally.

   GSS_S_CONTEXT_EXPIRED  The context has already expired

   GSS_S_CREDENTIALS_EXPIRED  The context is recognized, but associated
                       credentials have expired

   GSS_S_NO_CONTEXT    The context_handle parameter did not identify a
                       valid context

   GSS_S_FAILURE       Failure.  See minor_status for more information.

5.10. gss_seal

   OM_uint32 gss_seal (
       OM_uint32 *      minor_status,
       gss_ctx_id_t     context_handle,
       int              conf_req_flag,
       int              qop_req,
       gss_buffer_t     input_message_buffer,
       int *            conf_state,
       gss_buffer_t     output_message_buffer)

   Purpose:

   Cryptographically signs and optionally encrypts the specified
   input_message.  The output_message contains both the signature and
   the message.  The qop_req parameter allows a choice between several
   cryptographic algorithms, if supported by the chosen mechanism.

   Parameters:

   minor_status        integer, modify
                       Mechanism specific status code.

   context_handle      gss_ctx_id_t, read
                       Identifies the context on which the message will
                       be sent

   conf_req_flag       boolean, read
                       True  - Both confidentiality and integrity
                               services are requested
                       False - Only integrity service is requested

   qop_req             integer, read, optional
                       Specifies required quality of protection.  A
                       mechanism-specific default may be requested by
                       setting qop_req to GSS_C_QOP_DEFAULT.  If an
                       unsupported protection strength is requested,
                       gss_seal will return a major_status of
                       GSS_S_FAILURE.

   input_message_buffer  buffer, opaque, read
                       Message to be sealed

   conf_state          boolean, modify
                       True  - Confidentiality, data origin
                               authentication and integrity services
                               have been applied
                       False - Integrity and data origin services only
                               have been applied.

   output_message_buffer  buffer, opaque, modify
                       Buffer to receive sealed message

   Function value:

   GSS status code:

   GSS_S_COMPLETE      Successful completion

   GSS_S_CONTEXT_EXPIRED  The context has already expired

   GSS_S_CREDENTIALS_EXPIRED  The context is recognized, but associated
                       credentials have expired

   GSS_S_NO_CONTEXT    The context_handle parameter did not identify a
                       valid context

   GSS_S_FAILURE       Failure.  See minor_status for more information.

5.11. gss_unseal

   OM_uint32 gss_unseal (
       OM_uint32 *      minor_status,
       gss_ctx_id_t     context_handle,
       gss_buffer_t     input_message_buffer,
       gss_buffer_t     output_message_buffer,
       int *            conf_state,
       int *            qop_state)

   Purpose:

   Converts a previously sealed message back to a usable form,
   verifying the embedded signature.  The conf_state parameter
   indicates whether the message was encrypted; the qop_state parameter
   indicates the strength of protection that was used to provide the
   confidentiality and integrity services.
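   The token-exchange loop that 5.3 and 5.4 describe, together with
   the rule that ret_flags is undefined until GSS_S_COMPLETE, is shown
   below as an added example; it is not code from this draft or from
   any GSS-API implementation.  Because the draft's routines cannot be
   called without a real mechanism, the example drives the loop
   in-process against a constructed stand-in (the sim_* functions and
   SIM_MECH_CAPS, with reduced parameter lists), which performs no real
   authentication and only reproduces the API contract: a token is
   delivered whenever output_token.length is non-zero, the loop repeats
   while GSS_S_CONTINUE_NEEDED is set, and ret_flags is read only after
   completion and then compared with the services the application
   requires.  The flag and status values are assumed from the gssapi.h
   published in RFC 1509; this excerpt stops before those definitions.

```c
/* Added example, not part of the draft: the gss_init_sec_context /
 * gss_accept_sec_context token-exchange loop driven to completion
 * in-process against a constructed stand-in mechanism (sim_*). */
#include <stddef.h>
#include <stdio.h>

typedef unsigned int OM_uint32;

/* Flag and status values as in the gssapi.h of RFC 1509 (assumed; the
 * header is not reproduced in this excerpt). */
#define GSS_C_DELEG_FLAG      1
#define GSS_C_MUTUAL_FLAG     2
#define GSS_C_REPLAY_FLAG     4
#define GSS_C_SEQUENCE_FLAG   8
#define GSS_C_CONF_FLAG      16
#define GSS_C_INTEG_FLAG     32
#define GSS_S_COMPLETE        0u
#define GSS_S_CONTINUE_NEEDED (1u << 0)       /* supplementary-info bit */
#define GSS_S_DEFECTIVE_TOKEN (9u << 16)      /* routine-error field    */
#define GSS_ERROR(x)          ((x) & 0xffff0000u)

typedef struct { size_t length; void *value; } gss_buffer_desc, *gss_buffer_t;

/* Constructed stand-in: offers integrity, replay/sequence detection and
 * mutual authentication, but not confidentiality or delegation.  Token
 * format (constructed) is two bytes { round, flags }; mutual
 * authentication costs one extra round trip. */
#define SIM_MECH_CAPS (GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | \
                       GSS_C_SEQUENCE_FLAG | GSS_C_INTEG_FLAG)
typedef struct { int round; } sim_ctx;
static unsigned char sim_tok[2][2];           /* the two in-flight tokens */

static OM_uint32 sim_init_sec_context(sim_ctx *ctx, int req_flags,
                                      gss_buffer_t in, gss_buffer_t out,
                                      int *ret_flags)
{
    out->length = 0; out->value = NULL;
    if (ctx->round == 0) {
        sim_tok[0][0] = 1; sim_tok[0][1] = (unsigned char)req_flags;
        out->value = sim_tok[0]; out->length = 2;
        ctx->round = 1;
        if (req_flags & GSS_C_MUTUAL_FLAG)
            return GSS_S_CONTINUE_NEEDED;     /* the peer must reply first */
        *ret_flags = req_flags & SIM_MECH_CAPS;
        return GSS_S_COMPLETE;
    }
    /* Continuation call: consume the acceptor's reply token. */
    if (in == NULL || in->length != 2 || ((unsigned char *)in->value)[0] != 2)
        return GSS_S_DEFECTIVE_TOKEN;
    *ret_flags = ((unsigned char *)in->value)[1];
    return GSS_S_COMPLETE;
}

static OM_uint32 sim_accept_sec_context(gss_buffer_t in, gss_buffer_t out,
                                        int *ret_flags)
{
    unsigned char *t;
    out->length = 0; out->value = NULL;
    if (in == NULL || in->length != 2 || ((unsigned char *)in->value)[0] != 1)
        return GSS_S_DEFECTIVE_TOKEN;
    t = in->value;
    *ret_flags = t[1] & SIM_MECH_CAPS;        /* CONF/DELEG silently dropped */
    if (*ret_flags & GSS_C_MUTUAL_FLAG) {
        sim_tok[1][0] = 2; sim_tok[1][1] = (unsigned char)*ret_flags;
        out->value = sim_tok[1]; out->length = 2;
    }
    return GSS_S_COMPLETE;
}

/* Drive both ends to completion.  Returns the initiator's ret_flags;
 * -1 on a GSS error or a missing reply; -2 when the established
 * context lacks a service listed in required_flags (a downgrade: the
 * caller should delete the context rather than use it). */
int establish_context(int req_flags, int required_flags)
{
    sim_ctx init = { 0 };
    gss_buffer_desc to_peer = { 0, NULL }, from_peer = { 0, NULL };
    gss_buffer_t in = NULL;                   /* GSS_C_NO_BUFFER at first */
    int init_flags = 0, acc_flags = 0;
    OM_uint32 maj;

    do {
        maj = sim_init_sec_context(&init, req_flags, in, &to_peer, &init_flags);
        if (GSS_ERROR(maj)) return -1;
        in = NULL;
        if (to_peer.length != 0) {            /* send even on CONTINUE_NEEDED */
            if (GSS_ERROR(sim_accept_sec_context(&to_peer, &from_peer, &acc_flags)))
                return -1;
            if (from_peer.length != 0) in = &from_peer;
        }
        if ((maj & GSS_S_CONTINUE_NEEDED) && in == NULL) return -1;
    } while (maj & GSS_S_CONTINUE_NEEDED);

    /* ret_flags is defined only now that GSS_S_COMPLETE was returned. */
    if ((init_flags & required_flags) != required_flags) return -2;
    return init_flags;
}

int main(void)
{
    printf("mutual+integ, require integ: %d\n",
           establish_context(GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG, GSS_C_INTEG_FLAG));
    printf("conf+integ, require conf:    %d\n",
           establish_context(GSS_C_CONF_FLAG | GSS_C_INTEG_FLAG, GSS_C_CONF_FLAG));
    return 0;
}
```

   The second call in main shows why the post-completion check matters:
   the stand-in grants integrity but not confidentiality, and without
   comparing ret_flags against the application's requirements the
   caller would go on to seal messages that are only signed.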
   Parameters:

   minor_status        integer, modify
                       Mechanism specific status code.

   context_handle      gss_ctx_id_t, read
                       Identifies the context on which the message
                       arrived

   input_message_buffer  buffer, opaque, read
                       Sealed message

   output_message_buffer  buffer, opaque, modify
                       Buffer to receive unsealed message

   conf_state          boolean, modify
                       True  - Confidentiality and integrity protection
                               were used
                       False - Integrity service only was used

   qop_state           integer, modify
                       Quality of protection gained from signature

   Function value:

   GSS status code:

   GSS_S_COMPLETE      Successful completion

   GSS_S_DEFECTIVE_TOKEN  The token failed consistency checks

   GSS_S_BAD_SIG       The signature was incorrect

   GSS_S_DUPLICATE_TOKEN  The token was valid, and contained a correct
                       signature for the message, but it had already
                       been processed

   GSS_S_OLD_TOKEN     The token was valid, and contained a correct
                       signature for the message, but it is too old

   GSS_S_UNSEQ_TOKEN   The token was valid, and contained a correct
                       signature for the message, but has been verified
                       out of sequence; an earlier token has been
                       signed or sealed by the remote application, but
                       not yet been processed locally.

   GSS_S_CONTEXT_EXPIRED  The context has already expired

   GSS_S_CREDENTIALS_EXPIRED  The context is recognized, but associated
                       credentials have expired

   GSS_S_NO_CONTEXT    The context_handle parameter did not identify a
                       valid context

   GSS_S_FAILURE       Failure.  See minor_status for more information.

5.12. gss_display_status

   OM_uint32 gss_display_status (
       OM_uint32 *      minor_status,
       int              status_value,
       int              status_type,
       gss_OID          mech_type,
       int *            message_context,
       gss_buffer_t     status_string)

   Purpose:

   Allows an application to obtain a textual representation of a GSSAPI
   status code, for display to the user or for logging purposes.  Since
   some status values may indicate multiple errors, applications may
   need to call gss_display_status multiple times, each call generating
   a single text string.  The message_context parameter is used to
   indicate which error message should be extracted from a given
   status_value; message_context should be initialized to 0, and
   gss_display_status will return a non-zero value in message_context
   if there are further messages to extract.

   Parameters:

   minor_status        integer, modify
                       Mechanism specific status code.

   status_value        integer, read
                       Status value to be converted

   status_type         integer, read
                       GSS_C_GSS_CODE  - status_value is a GSS status
                                         code
                       GSS_C_MECH_CODE - status_value is a mechanism
                                         status code

   mech_type           Object ID, read, optional
                       Underlying mechanism (used to interpret a minor
                       status value).  Supply GSS_C_NULL_OID to obtain
                       the system default.

   message_context     integer, read/modify
                       Should be initialized to zero by caller on first
                       call.  If further messages are contained in the
                       status_value parameter, message_context will be
                       non-zero on return, and this value should be
                       passed back to subsequent calls, along with the
                       same status_value, status_type and mech_type
                       parameters.

   status_string       buffer, character string, modify
                       Textual interpretation of the status_value

   Function value:

   GSS status code:

   GSS_S_COMPLETE      Successful completion

   GSS_S_BAD_MECH      Indicates that translation in accordance with an
                       unsupported mechanism type was requested

   GSS_S_BAD_STATUS    The status value was not recognized, or the
                       status type was neither GSS_C_GSS_CODE nor
                       GSS_C_MECH_CODE.

5.13. gss_indicate_mechs

   OM_uint32 gss_indicate_mechs (
       OM_uint32 *      minor_status,
       gss_OID_set *    mech_set)

   Purpose:

   Allows an application to determine which underlying security
   mechanisms are available.
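   The status codes listed for gss_verify and gss_unseal (5.9, 5.11)
   and the "multiple errors in one status value" behaviour of
   gss_display_status (5.12) both follow from the way a major status
   packs three fields into a single OM_uint32.  The following added
   example, which is not code from this draft or from any GSS-API
   implementation, splits a status into those fields and applies a
   receive-side acceptance policy to a per-message result.  The field
   layout and the numeric values of the GSS_S_* codes are assumed from
   the gssapi.h published in RFC 1509 (this excerpt stops before those
   definitions); split_status, judge_message and msg_verdict are names
   chosen for the example.

```c
/* Added example, not part of the draft: decomposing a GSS major status
 * and deciding whether to accept a verified/unsealed message. */
#include <stdio.h>

typedef unsigned int OM_uint32;

/* Layout and values as in the gssapi.h of RFC 1509 (assumed; not
 * reproduced in this excerpt). */
#define GSS_C_CALLING_ERROR_OFFSET 24
#define GSS_C_ROUTINE_ERROR_OFFSET 16
#define GSS_C_SUPPLEMENTARY_OFFSET  0
#define GSS_C_CALLING_ERROR_MASK   0377u
#define GSS_C_ROUTINE_ERROR_MASK   0377u
#define GSS_C_SUPPLEMENTARY_MASK   0177777u
#define GSS_CALLING_ERROR(x) \
    ((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
#define GSS_ROUTINE_ERROR(x) \
    ((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
#define GSS_SUPPLEMENTARY_INFO(x) \
    ((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
#define GSS_ERROR(x) (GSS_CALLING_ERROR(x) | GSS_ROUTINE_ERROR(x))

#define GSS_S_COMPLETE        0u
#define GSS_S_BAD_SIG         (6u  << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DEFECTIVE_TOKEN (9u  << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_CONTEXT_EXPIRED (12u << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_FAILURE         (13u << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_CONTINUE_NEEDED (1u << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
#define GSS_S_DUPLICATE_TOKEN (1u << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
#define GSS_S_OLD_TOKEN       (1u << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
#define GSS_S_UNSEQ_TOKEN     (1u << (GSS_C_SUPPLEMENTARY_OFFSET + 3))

struct status_parts { unsigned calling, routine, supp; int nonzero; };

/* Split a major status into its three fields.  'nonzero' counts the
 * fields that are set: each can carry its own message, which is why
 * gss_display_status may have to be called repeatedly (message_context
 * returned non-zero) for a single status_value. */
struct status_parts split_status(OM_uint32 major)
{
    struct status_parts p;
    p.calling = GSS_CALLING_ERROR(major) >> GSS_C_CALLING_ERROR_OFFSET;
    p.routine = GSS_ROUTINE_ERROR(major) >> GSS_C_ROUTINE_ERROR_OFFSET;
    p.supp    = GSS_SUPPLEMENTARY_INFO(major) >> GSS_C_SUPPLEMENTARY_OFFSET;
    p.nonzero = (p.calling != 0) + (p.routine != 0) + (p.supp != 0);
    return p;
}

enum msg_verdict { MSG_ACCEPT, MSG_REJECT_ERROR, MSG_REJECT_REPLAY,
                   MSG_REJECT_UNSEQ, MSG_REJECT_PLAINTEXT };

/* Receive-side policy for the major status of gss_verify / gss_unseal.
 * "major != GSS_S_COMPLETE" is the wrong test: DUPLICATE, OLD and UNSEQ
 * are supplementary bits returned together with a *correct* signature,
 * so GSS_ERROR() is zero and the decision is the application's.
 *   conf_state   value returned by gss_unseal (pass 1 for gss_verify)
 *   need_conf    1 if this message had to be encrypted
 *   strict_order 1 to reject out-of-sequence messages (stream protocols) */
enum msg_verdict judge_message(OM_uint32 major, int conf_state,
                               int need_conf, int strict_order)
{
    if (GSS_ERROR(major))
        return MSG_REJECT_ERROR;      /* bad signature, expired context ... */
    if (major & (GSS_S_DUPLICATE_TOKEN | GSS_S_OLD_TOKEN))
        return MSG_REJECT_REPLAY;     /* valid signature, but a replay */
    if (strict_order && (major & GSS_S_UNSEQ_TOKEN))
        return MSG_REJECT_UNSEQ;
    if (need_conf && !conf_state)
        return MSG_REJECT_PLAINTEXT;  /* peer sealed without confidentiality */
    return MSG_ACCEPT;
}

int main(void)
{
    struct status_parts p = split_status(GSS_S_FAILURE | GSS_S_OLD_TOKEN);
    printf("calling=%u routine=%u supp=%u (%d message(s))\n",
           p.calling, p.routine, p.supp, p.nonzero);
    printf("duplicate token verdict: %d\n",
           judge_message(GSS_S_COMPLETE | GSS_S_DUPLICATE_TOKEN, 1, 1, 1));
    return 0;
}
```

   The same split explains the context-establishment loop of 5.3 and
   5.4: GSS_S_CONTINUE_NEEDED lives in the supplementary field, so a
   caller that tests GSS_ERROR() continues correctly, while one that
   tests for inequality with GSS_S_COMPLETE treats every continuation
   as a failure.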
1599 Parameters: 1601 minor_status integer, modify 1602 Mechanism specific status code. 1604 mech_set set of Object IDs, modify 1605 set of implementation-supported mechanisms. 1606 The returned gss_OID_set value will be a 1607 pointer into static storage, and should be 1608 treated as read-only by the caller. 1610 Function value: 1612 GSS status code: 1614 GSS_S_COMPLETE Successful completion 1616 5.14. gss_compare_name 1618 OM_uint32 gss_compare_name ( 1619 OM_uint32 * minor_status, 1620 gss_name_t name1, 1621 gss_name_t name2, 1622 int * name_equal) 1624 Purpose: 1626 Allows an application to compare two API-format names to determine 1627 whether they refer to the same entity. 1629 Parameters: 1631 minor_status integer, modify 1632 Mechanism specific status code. 1634 name1 gss_name_t, read 1635 API-format name 1637 name2 gss_name_t, read 1638 API-format name 1640 name_equal boolean, modify 1641 True - names refer to same entity 1642 False - names refer to different entities 1643 (strictly, the names are not known to 1644 refer to the same identity). 1646 Function value: 1648 GSS status code: 1650 GSS_S_COMPLETE Successful completion 1652 GSS_S_BAD_NAMETYPE The type contained within either name1 or name2 1653 was unrecognized, or the names were of incomparable 1654 types. 1656 GSS_S_BAD_NAME One or both of name1 or name2 was ill-formed 1658 5.15. gss_display_name 1660 OM_uint32 gss_display_name ( 1661 OM_uint32 * minor_status, 1662 gss_name_t input_name, 1663 gss_buffer_t output_name_buffer, 1664 gss_OID * output_name_type) 1666 Purpose: 1668 Allows an application to obtain a textual representation of an opaque 1669 API-format name for display purposes. The syntax of a printable name 1670 is defined by the GSSAPI implementation. 1672 Parameters: 1674 minor_status integer, modify 1675 Mechanism specific status code. 
1677 input_name gss_name_t, read 1678 name to be displayed 1680 output_name_buffer buffer, character-string, modify 1681 buffer to receive textual name string 1683 output_name_type Object ID, modify 1684 The type of the returned name. The returned 1685 gss_OID will be a pointer into static storage, 1686 and should be treated as read-only by the caller 1688 Function value: 1690 GSS status code: 1692 GSS_S_COMPLETE Successful completion 1694 GSS_S_BAD_NAMETYPE The type of input_name was not recognized 1696 GSS_S_BAD_NAME input_name was ill-formed 1698 5.16. gss_import_name 1700 OM_uint32 gss_import_name ( 1701 OM_uint32 * minor_status, 1702 gss_buffer_t input_name_buffer, 1703 gss_OID input_name_type, 1704 gss_name_t * output_name) 1706 Purpose: 1708 Convert a printable name to API format. 1710 Parameters: 1712 minor_status integer, modify 1713 Mechanism specific status code 1715 input_name_buffer buffer, character-string, read 1716 buffer containing printable name to convert 1718 input_name_type Object ID, read, optional 1719 Object Id specifying type of printable 1720 name. Applications may specify either 1721 GSS_C_NULL_OID to use a local system-specific 1722 printable syntax, or an OID registered by the 1723 GSSAPI implementation to name a particular 1724 namespace. 1726 output_name gss_name_t, modify 1727 returned name in API format 1729 Function value: 1731 GSS status code 1733 GSS_S_COMPLETE Successful completion 1735 GSS_S_BAD_NAMETYPE The input_name_type was unrecognized 1737 GSS_S_BAD_NAME The input_name parameter could not be interpreted 1738 as a name of the specified type 1740 5.17. gss_release_name 1742 OM_uint32 gss_release_name ( 1743 OM_uint32 * minor_status, 1744 gss_name_t * name) 1746 Purpose: 1748 Free GSSAPI-allocated storage associated with an API format name. 
   Parameters:

      minor_status        integer, modify
                          Mechanism specific status code

      name                gss_name_t, modify
                          The name to be deleted

   Function value:

      GSS status code

      GSS_S_COMPLETE      Successful completion

      GSS_S_BAD_NAME      The name parameter did not contain a valid name

5.18. gss_release_buffer

   OM_uint32 gss_release_buffer (
                   OM_uint32 *     minor_status,
                   gss_buffer_t    buffer)

   Purpose:

      Free storage associated with a buffer format name.  The storage
      must have been allocated by a GSSAPI routine.  In addition to
      freeing the associated storage, the routine will zero the length
      field in the buffer parameter.

   Parameters:

      minor_status        integer, modify
                          Mechanism specific status code

      buffer              buffer, modify
                          The storage associated with the buffer will be
                          deleted.  The gss_buffer_desc object will not
                          be freed, but its length field will be zeroed.

   Function value:

      GSS status code

      GSS_S_COMPLETE      Successful completion

5.19. gss_release_oid_set

   OM_uint32 gss_release_oid_set (
                   OM_uint32 *     minor_status,
                   gss_OID_set *   set)

   Purpose:

      Free storage associated with a gss_OID_set object.  The storage
      must have been allocated by a GSSAPI routine.

   Parameters:

      minor_status        integer, modify
                          Mechanism specific status code

      set                 Set of Object IDs, modify
                          The storage associated with the gss_OID_set
                          will be deleted.

   Function value:

      GSS status code

      GSS_S_COMPLETE      Successful completion

5.20. gss_inquire_cred

   OM_uint32 gss_inquire_cred (
                   OM_uint32 *     minor_status,
                   gss_cred_id_t   cred_handle,
                   gss_name_t *    name,
                   OM_uint32 *     lifetime,
                   int *           cred_usage,
                   gss_OID_set *   mechanisms )

   Purpose:

      Obtains information about a credential.  The caller must already
      have obtained a handle that refers to the credential.
   Parameters:

      minor_status        integer, modify
                          Mechanism specific status code

      cred_handle         gss_cred_id_t, read
                          A handle that refers to the target credential.
                          Specify GSS_C_NO_CREDENTIAL to inquire about
                          the default credential.

      name                gss_name_t, modify
                          The name whose identity the credential asserts.
                          Specify NULL if not required.

      lifetime            Integer, modify
                          The number of seconds for which the credential
                          will remain valid.  If the credential has
                          expired, this parameter will be set to zero.
                          If the implementation does not support
                          credential expiration, the value
                          GSS_C_INDEFINITE will be returned.  Specify
                          NULL if not required.

      cred_usage          Integer, modify
                          How the credential may be used.  One of the
                          following:
                             GSS_C_INITIATE
                             GSS_C_ACCEPT
                             GSS_C_BOTH
                          Specify NULL if not required.

      mechanisms          gss_OID_set, modify
                          Set of mechanisms supported by the credential.
                          Specify NULL if not required.

   Function value:

      GSS status code

      GSS_S_COMPLETE      Successful completion

      GSS_S_NO_CRED       The referenced credentials could not be
                          accessed.

      GSS_S_DEFECTIVE_CREDENTIAL
                          The referenced credentials were invalid.

      GSS_S_CREDENTIALS_EXPIRED
                          The referenced credentials have expired.  If
                          the lifetime parameter was not passed as NULL,
                          it will be set to 0.

   #ifndef GSSAPI_H_
   #define GSSAPI_H_

   /*
    * First, define the platform-dependent types.
    */
   typedef <platform-specific> OM_uint32;
   typedef <platform-specific> gss_ctx_id_t;
   typedef <platform-specific> gss_cred_id_t;
   typedef <platform-specific> gss_name_t;

   /*
    * Note that a platform supporting the xom.h X/Open header file
    * may make use of that header for the definitions of OM_uint32
    * and the structure to which gss_OID_desc equates.
    */

   typedef struct gss_OID_desc_struct {
         OM_uint32 length;
         void      *elements;
   } gss_OID_desc, *gss_OID;

   typedef struct gss_OID_set_desc_struct {
         int     count;
         gss_OID elements;
   } gss_OID_set_desc, *gss_OID_set;

   typedef struct gss_buffer_desc_struct {
         size_t length;
         void   *value;
   } gss_buffer_desc, *gss_buffer_t;

   typedef struct gss_channel_bindings_struct {
         OM_uint32       initiator_addrtype;
         gss_buffer_desc initiator_address;
         OM_uint32       acceptor_addrtype;
         gss_buffer_desc acceptor_address;
         gss_buffer_desc application_data;
   } *gss_channel_bindings_t;

   /*
    * Six independent flags each of which indicates that a context
    * supports a specific service option.
    */
   #define GSS_C_DELEG_FLAG    1
   #define GSS_C_MUTUAL_FLAG   2
   #define GSS_C_REPLAY_FLAG   4
   #define GSS_C_SEQUENCE_FLAG 8
   #define GSS_C_CONF_FLAG     16
   #define GSS_C_INTEG_FLAG    32

   /*
    * Credential usage options
    */
   #define GSS_C_BOTH     0
   #define GSS_C_INITIATE 1
   #define GSS_C_ACCEPT   2

   /*
    * Status code types for gss_display_status
    */
   #define GSS_C_GSS_CODE  1
   #define GSS_C_MECH_CODE 2

   /*
    * On a platform that provides socket.h, the following definitions
    * should equate to the AF_xxx constants defined therein:
    *    #define GSS_C_AF_LOCAL AF_LOCAL
    *    etc.
    * In the absence of a socket.h header file, the following
    * literal definitions should be used:
    */
   #define GSS_C_AF_UNSPEC     0
   #define GSS_C_AF_LOCAL      1
   #define GSS_C_AF_INET       2
   #define GSS_C_AF_IMPLINK    3
   #define GSS_C_AF_PUP        4
   #define GSS_C_AF_CHAOS      5
   #define GSS_C_AF_NS         6
   #define GSS_C_AF_NBS        7
   #define GSS_C_AF_ECMA       8
   #define GSS_C_AF_DATAKIT    9
   #define GSS_C_AF_CCITT      10
   #define GSS_C_AF_SNA        11
   #define GSS_C_AF_DECnet     12
   #define GSS_C_AF_DLI        13
   #define GSS_C_AF_LAT        14
   #define GSS_C_AF_HYLINK     15
   #define GSS_C_AF_APPLETALK  16
   #define GSS_C_AF_BSC        17
   #define GSS_C_AF_DSS        18
   #define GSS_C_AF_OSI        19
   #define GSS_C_AF_X25        21

   #define GSS_C_AF_NULLADDR   255

   #define GSS_C_NO_BUFFER ((gss_buffer_t) 0)
   #define GSS_C_NULL_OID ((gss_OID) 0)
   #define GSS_C_NULL_OID_SET ((gss_OID_set) 0)
   #define GSS_C_NO_CONTEXT ((gss_ctx_id_t) 0)
   #define GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0)
   #define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0)
   #define GSS_C_EMPTY_BUFFER {0, NULL}

   /*
    * Define the default Quality of Protection for per-message
    * services.  Note that an implementation that offers multiple
    * levels of QOP may either reserve a value (for example zero,
    * as assumed here) to mean "default protection", or alternatively
    * may simply equate GSS_C_QOP_DEFAULT to a specific explicit QOP
    * value.
    */
   #define GSS_C_QOP_DEFAULT 0

   /*
    * Expiration time of 2^32-1 seconds means infinite lifetime for a
    * credential or security context
    */
   #define GSS_C_INDEFINITE 0xffffffffu

   /* Major status codes */

   #define GSS_S_COMPLETE 0

   /*
    * Some "helper" definitions to make the status code macros obvious.
    */
   #define GSS_C_CALLING_ERROR_OFFSET 24
   #define GSS_C_ROUTINE_ERROR_OFFSET 16
   #define GSS_C_SUPPLEMENTARY_OFFSET 0
   #define GSS_C_CALLING_ERROR_MASK 0377
   #define GSS_C_ROUTINE_ERROR_MASK 0377
   #define GSS_C_SUPPLEMENTARY_MASK 0177777

   /*
    * The macros that test status codes for error conditions
    */
   #define GSS_CALLING_ERROR(x) \
     ((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
   #define GSS_ROUTINE_ERROR(x) \
     ((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
   #define GSS_SUPPLEMENTARY_INFO(x) \
     ((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
   #define GSS_ERROR(x) \
     ((GSS_CALLING_ERROR(x) != 0) || (GSS_ROUTINE_ERROR(x) != 0))

   /*
    * Now the actual status code definitions
    */

   /*
    * Calling errors:
    */
   #define GSS_S_CALL_INACCESSIBLE_READ \
     (1 << GSS_C_CALLING_ERROR_OFFSET)
   #define GSS_S_CALL_INACCESSIBLE_WRITE \
     (2 << GSS_C_CALLING_ERROR_OFFSET)
   #define GSS_S_CALL_BAD_STRUCTURE \
     (3 << GSS_C_CALLING_ERROR_OFFSET)

   /*
    * Routine errors:
    */
   #define GSS_S_BAD_MECH             (1 << GSS_C_ROUTINE_ERROR_OFFSET)
   #define GSS_S_BAD_NAME             (2 << GSS_C_ROUTINE_ERROR_OFFSET)
   #define GSS_S_BAD_NAMETYPE         (3 << GSS_C_ROUTINE_ERROR_OFFSET)
   #define GSS_S_BAD_BINDINGS         (4 << GSS_C_ROUTINE_ERROR_OFFSET)
   #define GSS_S_BAD_STATUS           (5 << GSS_C_ROUTINE_ERROR_OFFSET)
   #define GSS_S_BAD_SIG              (6 << GSS_C_ROUTINE_ERROR_OFFSET)
   #define GSS_S_NO_CRED              (7 << GSS_C_ROUTINE_ERROR_OFFSET)
   #define GSS_S_NO_CONTEXT           (8 << GSS_C_ROUTINE_ERROR_OFFSET)
   #define GSS_S_DEFECTIVE_TOKEN      (9 << GSS_C_ROUTINE_ERROR_OFFSET)
   #define GSS_S_DEFECTIVE_CREDENTIAL (10 << GSS_C_ROUTINE_ERROR_OFFSET)
   #define GSS_S_CREDENTIALS_EXPIRED  (11 << GSS_C_ROUTINE_ERROR_OFFSET)
   #define GSS_S_CONTEXT_EXPIRED      (12 << GSS_C_ROUTINE_ERROR_OFFSET)
   #define GSS_S_FAILURE              (13 << GSS_C_ROUTINE_ERROR_OFFSET)
   /*
    * Supplementary info bits:
    */
   #define GSS_S_CONTINUE_NEEDED (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
   #define GSS_S_DUPLICATE_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
   #define GSS_S_OLD_TOKEN       (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
   #define GSS_S_UNSEQ_TOKEN     (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 3))

   /*
    * Finally, function prototypes for the GSSAPI routines.
    */

   OM_uint32 gss_acquire_cred
              (OM_uint32*,             /* minor_status */
               gss_name_t,             /* desired_name */
               OM_uint32,              /* time_req */
               gss_OID_set,            /* desired_mechs */
               int,                    /* cred_usage */
               gss_cred_id_t*,         /* output_cred_handle */
               gss_OID_set*,           /* actual_mechs */
               OM_uint32*              /* time_rec */
              );

   OM_uint32 gss_release_cred
              (OM_uint32*,             /* minor_status */
               gss_cred_id_t*          /* cred_handle */
              );

   OM_uint32 gss_init_sec_context
              (OM_uint32*,             /* minor_status */
               gss_cred_id_t,          /* claimant_cred_handle */
               gss_ctx_id_t*,          /* context_handle */
               gss_name_t,             /* target_name */
               gss_OID,                /* mech_type */
               int,                    /* req_flags */
               OM_uint32,              /* time_req */
               gss_channel_bindings_t, /* input_chan_bindings */
               gss_buffer_t,           /* input_token */
               gss_OID*,               /* actual_mech_type */
               gss_buffer_t,           /* output_token */
               int*,                   /* ret_flags */
               OM_uint32*              /* time_rec */
              );

   OM_uint32 gss_accept_sec_context
              (OM_uint32*,             /* minor_status */
               gss_ctx_id_t*,          /* context_handle */
               gss_cred_id_t,          /* verifier_cred_handle */
               gss_buffer_t,           /* input_token_buffer */
               gss_channel_bindings_t, /* input_chan_bindings */
               gss_name_t*,            /* src_name */
               gss_OID*,               /* mech_type */
               gss_buffer_t,           /* output_token */
               int*,                   /* ret_flags */
               OM_uint32*,             /* time_rec */
               gss_cred_id_t*          /* delegated_cred_handle */
              );

   OM_uint32 gss_process_context_token
              (OM_uint32*,             /* minor_status */
               gss_ctx_id_t,           /* context_handle */
               gss_buffer_t            /* token_buffer */
              );

   OM_uint32 gss_delete_sec_context
              (OM_uint32*,             /* minor_status */
               gss_ctx_id_t,           /* context_handle */
               gss_buffer_t            /* output_token */
              );

   OM_uint32 gss_context_time
              (OM_uint32*,             /* minor_status */
               gss_ctx_id_t,           /* context_handle */
               OM_uint32*              /* time_rec */
              );

   OM_uint32 gss_sign
              (OM_uint32*,             /* minor_status */
               gss_ctx_id_t,           /* context_handle */
               int,                    /* qop_req */
               gss_buffer_t,           /* message_buffer */
               gss_buffer_t            /* message_token */
              );

   OM_uint32 gss_verify
              (OM_uint32*,             /* minor_status */
               gss_ctx_id_t,           /* context_handle */
               gss_buffer_t,           /* message_buffer */
               gss_buffer_t,           /* token_buffer */
               int*                    /* qop_state */
              );

   OM_uint32 gss_seal
              (OM_uint32*,             /* minor_status */
               gss_ctx_id_t,           /* context_handle */
               int,                    /* conf_req_flag */
               int,                    /* qop_req */
               gss_buffer_t,           /* input_message_buffer */
               int*,                   /* conf_state */
               gss_buffer_t            /* output_message_buffer */
              );

   OM_uint32 gss_unseal
              (OM_uint32*,             /* minor_status */
               gss_ctx_id_t,           /* context_handle */
               gss_buffer_t,           /* input_message_buffer */
               gss_buffer_t,           /* output_message_buffer */
               int*,                   /* conf_state */
               int*                    /* qop_state */
              );

   OM_uint32 gss_display_status
              (OM_uint32*,             /* minor_status */
               OM_uint32,              /* status_value */
               int,                    /* status_type */
               gss_OID,                /* mech_type */
               int*,                   /* message_context */
               gss_buffer_t            /* status_string */
              );

   OM_uint32 gss_indicate_mechs
              (OM_uint32*,             /* minor_status */
               gss_OID_set*            /* mech_set */
              );

   OM_uint32 gss_compare_name
              (OM_uint32*,             /* minor_status */
               gss_name_t,             /* name1 */
               gss_name_t,             /* name2 */
               int*                    /* name_equal */
              );

   OM_uint32 gss_display_name
              (OM_uint32*,             /* minor_status */
               gss_name_t,             /* input_name */
               gss_buffer_t,           /* output_name_buffer */
               gss_OID*                /* output_name_type */
              );

   OM_uint32 gss_import_name
              (OM_uint32*,             /* minor_status */
               gss_buffer_t,           /* input_name_buffer */
               gss_OID,                /* input_name_type */
               gss_name_t*             /* output_name */
              );

   OM_uint32 gss_release_name
              (OM_uint32*,             /* minor_status */
               gss_name_t*             /* input_name */
              );

   OM_uint32 gss_release_buffer
              (OM_uint32*,             /* minor_status */
               gss_buffer_t            /* buffer */
              );

   OM_uint32 gss_release_oid_set
              (OM_uint32*,             /* minor_status */
               gss_OID_set*            /* set */
              );

   OM_uint32 gss_inquire_cred
              (OM_uint32*,             /* minor_status */
               gss_cred_id_t,          /* cred_handle */
               gss_name_t*,            /* name */
               OM_uint32*,             /* lifetime */
               int*,                   /* cred_usage */
               gss_OID_set*            /* mechanisms */
              );

   #endif /* GSSAPI_H_ */

REFERENCES

   [GSSAPI]  J. Linn, "Generic Security Service Application Program
             Interface", Internet-Draft draft-ietf-cat-genericsec-01,
             June 1992.  (This Internet-Draft, like all other
             Internet-Drafts, is not an archival document and is
             subject to change or deletion.  It is available at the
             time of this writing (June 1992) by anonymous ftp from
             nnsc.nsf.net, directory internet-drafts.  Would-be
             readers should check for successor Internet-Draft
             versions or Internet RFCs before relying on this
             document.)

   [XOM]     "OSI Object Management API Specification, Version 2.0 t",
             X.400 API Association & X/Open Company Limited, August
             24, 1990.  Specification of datatypes and routines for
             manipulating information objects.

AUTHOR'S ADDRESS

   John Wray                        Internet email: Wray@ultra.enet.dec.com
   Digital Equipment Corporation    Telephone: +1-508-486-5210
   550 King Street, LKG2-2/AA6
   Littleton, MA 01460
   USA
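As an added illustration (not part of the draft or of any GSSAPI implementation), the C code below reproduces the status-code macros and gss_OID_set type from the header above and shows how an application uses them: classifying the major status returned by gss_verify or gss_unseal, where a replay-related supplementary bit (GSS_S_DUPLICATE_TOKEN, GSS_S_OLD_TOKEN, GSS_S_UNSEQ_TOKEN) sets no error bit and so is not caught by GSS_ERROR alone, and checking whether a required mechanism OID is present in the set returned by gss_indicate_mechs. The helper functions and the sample OID values are constructed for this example; the draft defines neither.

```c
/* Added example (not part of the draft): application-side use of the
 * header's status-code macros and gss_OID_set type. Typedefs and macros
 * follow the draft's gssapi.h (masks get an unsigned suffix here to avoid
 * signed shift overflow); helpers and sample OIDs are constructed. */
#include <stdint.h>
#include <string.h>

typedef uint32_t OM_uint32;   /* platform-specific choice: 32-bit unsigned */
typedef struct gss_OID_desc_struct { OM_uint32 length; void *elements; } gss_OID_desc, *gss_OID;
typedef struct gss_OID_set_desc_struct { int count; gss_OID elements; } gss_OID_set_desc, *gss_OID_set;

#define GSS_C_CALLING_ERROR_OFFSET 24
#define GSS_C_ROUTINE_ERROR_OFFSET 16
#define GSS_C_SUPPLEMENTARY_OFFSET 0
#define GSS_C_CALLING_ERROR_MASK   0377u
#define GSS_C_ROUTINE_ERROR_MASK   0377u
#define GSS_C_SUPPLEMENTARY_MASK   0177777u
#define GSS_CALLING_ERROR(x)      ((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
#define GSS_ROUTINE_ERROR(x)      ((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
#define GSS_SUPPLEMENTARY_INFO(x) ((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
#define GSS_ERROR(x) ((GSS_CALLING_ERROR(x) != 0) || (GSS_ROUTINE_ERROR(x) != 0))
#define GSS_S_COMPLETE               0
#define GSS_S_CALL_INACCESSIBLE_READ (1 << GSS_C_CALLING_ERROR_OFFSET)
#define GSS_S_BAD_NAME               (2 << GSS_C_ROUTINE_ERROR_OFFSET)
#define GSS_S_DUPLICATE_TOKEN        (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
#define GSS_S_OLD_TOKEN              (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
#define GSS_S_UNSEQ_TOKEN            (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 3))

/* Classify a gss_verify/gss_unseal major status: 0 = accepted, 1 = hard
 * error (GSS_ERROR set), 2 = no error bit but a replay/ordering
 * supplementary bit is set, which a bare "== GSS_S_COMPLETE" test would
 * not distinguish and which the application must log and act on. */
int classify_verify_status(OM_uint32 major) {
    if (GSS_ERROR(major)) return 1;
    if (GSS_SUPPLEMENTARY_INFO(major) &
        (GSS_S_DUPLICATE_TOKEN | GSS_S_OLD_TOKEN | GSS_S_UNSEQ_TOKEN)) return 2;
    return 0;
}

/* Byte-wise OID equality; the draft has no set-membership routine, so an
 * application checks the gss_indicate_mechs result this way. */
int oid_equal(const gss_OID_desc *a, const gss_OID_desc *b) {
    return a->length == b->length && memcmp(a->elements, b->elements, a->length) == 0;
}
int oid_set_contains(gss_OID_set set, const gss_OID_desc *want) {
    for (int i = 0; i < set->count; i++)
        if (oid_equal(&set->elements[i], want)) return 1;
    return 0;
}

/* Constructed sample OIDs (arbitrary arcs, not real mechanism identifiers). */
static unsigned char oid_a_bytes[] = {0x2b, 0x06, 0x01, 0x04, 0x01, 0x01};
static unsigned char oid_b_bytes[] = {0x2b, 0x06, 0x01, 0x04, 0x01, 0x02};
static gss_OID_desc sample_oids[2] = {{6, oid_a_bytes}, {6, oid_b_bytes}};
static gss_OID_set_desc sample_set = {2, sample_oids};
static gss_OID_desc oid_b_copy = {6, oid_b_bytes}, oid_absent = {5, oid_a_bytes};
```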