gss_wrap_size_limit()--Determine Largest Message that can be Wrapped
Syntax
#include <gssapi.h> OM_uint32 gss_wrap_size_limit ( OM_uint32 * minor_status, gss_ctx_id_t context_handle, int conf_req, gss_qop_t qop_req, OM_uint32 size_req, OM_uint32 * max_size);Service Program Name: QSYS/QKRBGSS
Default public authority: *USE
Threadsafe: Yes
The gss_wrap_size_limit() function determines the largest message that can be processed by the gss_wrap() routine without exceeding the specified output token size.
Parameters
- minor_status (Output)
- A status code from the security mechanism.
- context_handle (Input)
- The security context that will be associated with the messages.
- conf_req (Input)
- Whether confidentiality services will be requested for the messages as
follows:
TRUE Both confidentiality and integrity and authentication services will be requested. FALSE Only integrity and authentication services will be requested.
- qop_req (Input)
- The quality of protection that will be used with the messages. Specify
GSS_C_QOP_DEFAULT to use the default quality of protection as
defined by the selected security mechanism.
The Kerberos security mechanism supports three quality of protection levels as follows (in decreasing order or speed):
GSS_KRB5_INTEG_C_QOP_MD5 Truncated MD5 GSS_KRB5_INTEG_C_QOP_DES_MD5 DES_MAC of an MD5 hash (default) GSS_KRB5_INTEG_C_QOP_DES_MAC Normal DES_MAC algorithm
- size_req (Input)
- The maximum output token size.
- max_size (Output)
- The maximum message size that can be processed without exceeding the specified maximum token size.
Return Value
The return value is one of the following status codes:
- GSS_S_BAD_QOP
- The quality of protection requested is not valid.
- GSS_S_COMPLETE
- The routine completed successfully.
- GSS_S_CONTEXT_EXPIRED
- The context identifier provided by the caller has expired.
- GSS_S_FAILURE
- The routine failed for reasons that are not defined at the GSS level. The
minor_status return parameter contains a mechanism-dependent error
code describing the reason for the failure.
- GSS_S_NO_CONTEXT
- The context identifier provided by the caller does not refer to a valid security context.
Authorities
Object Referred to | Data Authority Required |
---|---|
Each directory in the path name preceding the configuration file | *X |
Configuration file | *R |
Error Messages
Message ID | Error Message Text |
---|---|
CPE3418 E | Possible APAR condition or hardware failure. |
API introduced: V5R1
[ Back to top | Security APIs | UNIX-Type APIs | APIs by category ]