1.\" -*- nroff -*- 2.\" 3.\" Copyright (c) 2005 Doug Rabson 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 15.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25.\" SUCH DAMAGE. 26.\" 27.\" $FreeBSD$ 28.\" 29.\" The following commands are required for all man pages. 30.Dd November 12, 2005 31.Os 32.Dt GSS_GET_MIC 3 PRM 33.Sh NAME 34.Nm gss_get_mic , 35.Nm gss_sign 36.Nd Calculate a cryptographic message integrity code (MIC) for a 37message; integrity service 38.\" This next command is for sections 2 and 3 only. 39.\" .Sh LIBRARY 40.Sh SYNOPSIS 41.In "gssapi/gssapi.h" 42.Ft OM_uint32 43.Fo gss_get_mic 44.Fa "OM_uint32 *minor_status" 45.Fa "const gss_ctx_id_t context_handle" 46.Fa "gss_qop_t qop_req" 47.Fa "const gss_buffer_t message_buffer" 48.Fa "gss_buffer_t msg_token" 49.Fc 50.Ft OM_uint32 51.Fo gss_sign 52.Fa "OM_uint32 *minor_status" 53.Fa "const gss_ctx_id_t context_handle" 54.Fa "gss_qop_t qop_req" 55.Fa "gss_buffer_t message_buffer" 56.Fa "gss_buffer_t msg_token" 57.Fc 58.Sh DESCRIPTION 59Generates a cryptographic MIC for the supplied message, 60and places the MIC in a token for transfer to the peer application. 61The 62.Fa qop_req 63parameter allows a choice between several cryptographic algorithms, 64if supported by the chosen mechanism. 65.Pp 66Since some application-level protocols may wish to use tokens emitted 67by 68.Fn gss_wrap 69to provide "secure framing", 70implementations must support derivation of MICs from zero-length messages. 71.Pp 72The 73.Fn gss_sign 74routine is an obsolete variant of 75.Fn gss_get_mic . 76It is 77provided for backwards 78compatibility with applications using the GSS-API V1 interface. 79A distinct entrypoint (as opposed to #define) is provided, 80both to allow GSS-API V1 applications to link 81and to retain the slight parameter type differences between the 82obsolete versions of this routine and its current form. 83.Sh PARAMETERS 84.Bl -tag 85.It minor_status 86Mechanism specific status code. 87.It context_handle 88Identifies the context on which the message will be sent. 89.It qop_req 90Specifies requested quality of protection. 91Callers are encouraged, on portability grounds, 92to accept the default quality of protection offered by the chosen 93mechanism, 94which may be requested by specifying 95.Dv GSS_C_QOP_DEFAULT 96for this parameter. 97If an unsupported protection strength is requested, 98.Fn gss_get_mic 99will return a 100.Fa major_status 101of 102.Dv GSS_S_BAD_QOP . 103.It message_buffer 104Message to be protected. 105.It msg_token 106Buffer to receive token. 107The application must free storage associated with this buffer after 108use with a call to 109.Fn gss_release_buffer . 110.El 111.Sh RETURN VALUES 112.Bl -tag 113.It GSS_S_COMPLETE 114Successful completion 115.It GSS_S_CONTEXT_EXPIRED 116The context has already expired 117.It GSS_S_NO_CONTEXT 118The context_handle parameter did not identify a valid context 119.It GSS_S_BAD_QOP 120The specified QOP is not supported by the mechanism 121.El 122.Sh SEE ALSO 123.Xr gss_wrap 3 , 124.Xr gss_release_buffer 3 125.Sh STANDARDS 126.Bl -tag 127.It RFC 2743 128Generic Security Service Application Program Interface Version 2, Update 1 129.It RFC 2744 130Generic Security Service API Version 2 : C-bindings 131.\" .Sh HISTORY 132.El 133.Sh HISTORY 134The 135.Nm 136manual page example first appeared in 137.Fx 7.0 . 138.Sh AUTHORS 139John Wray, Iris Associates 140.Sh COPYRIGHT 141Copyright (C) The Internet Society (2000). All Rights Reserved. 142.Pp 143This document and translations of it may be copied and furnished to 144others, and derivative works that comment on or otherwise explain it 145or assist in its implementation may be prepared, copied, published 146and distributed, in whole or in part, without restriction of any 147kind, provided that the above copyright notice and this paragraph are 148included on all such copies and derivative works. However, this 149document itself may not be modified in any way, such as by removing 150the copyright notice or references to the Internet Society or other 151Internet organizations, except as needed for the purpose of 152developing Internet standards in which case the procedures for 153copyrights defined in the Internet Standards process must be 154followed, or as required to translate it into languages other than 155English. 156.Pp 157The limited permissions granted above are perpetual and will not be 158revoked by the Internet Society or its successors or assigns. 159.Pp 160This document and the information contained herein is provided on an 161"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 162TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 163BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 164HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 165MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 166