| | | |
C |
|
| C_CloseSession() function |
| | digest message example ( ) |
| | message signing example ( ) |
| | random byte generation example ( ) |
|
| C_Decrypt() function ( ) |
|
| C_DecryptInit() function ( ) |
|
| C_EncryptFinal() function ( ) |
|
| C_EncryptInit() function ( ) |
|
| C_EncryptUpdate() function ( ) |
|
| C_Finalize() function |
| | digest message example ( ) |
| | message signing example ( ) |
|
| C_GenerateKeyPair() function ( ) |
|
| C_GenerateRandom() function ( ) |
|
| C_GetAttributeValue() function ( ) |
|
| C_GetInfo() function ( ) ( ) |
|
| C_GetMechanismList() function ( ) |
|
| C_GetSlotList() function ( ) |
| | message signing example ( ) |
| | random byte generation example ( ) |
|
| C_Initialize() function ( ) |
|
| C_OpenSession() function ( ) |
| | random byte generation example ( ) |
|
| C_SignInit() function ( ) |
|
| C_Verify() function ( ) |
|
| C_VerifyInit() function ( ) |
|
| callbacks |
| | SASL ( ) |
| | | SASL_CB_AUTHNAME ( ) |
| | | SASL_CB_CANON_USER ( ) |
| | | SASL_CB_ECHOPROMPT ( ) |
| | | SASL_CB_GETCONF ( ) |
| | | SASL_CB_GETOPT ( ) |
| | | SASL_CB_GETPATH ( ) |
| | | SASL_CB_GETREALM ( ) |
| | | SASL_CB_LANGUAGE ( ) |
| | | SASL_CB_LOG ( ) |
| | | SASL_CB_NOECHOPROMPT ( ) |
| | | SASL_CB_PASS ( ) |
| | | SASL_CB_PROXY_POLICY ( ) |
| | | SASL_CB_SERVER_USERDB_CHECKPASS ( ) |
| | | SASL_CB_SERVER_USERDB_SETPASS ( ) |
| | | SASL_CB_USER ( ) |
| | | SASL_CB_VERIFYFILE ( ) |
|
| canonicalization, SASL ( ) |
|
| Certificate Revocation List (CRL) ( ) |
|
| Certificate Signing Request (CSR) ( ) |
|
| certificates |
| | cryptographic applications ( ) |
| | requesting from Oracle ( ) |
|
| channel bindings |
| | GSS-API ( ) ( ) |
|
| client_establish_context() function, GSS-API client example ( ) |
|
| client plug-ins |
| | SASL ( ) ( ) |
|
| confidentiality |
| | GSS-API ( ) ( ) |
|
| connect_to_server() function |
| | GSS-API client example ( ) ( ) |
|
| connection contexts, SASL ( ) |
|
| consumers |
| | defined ( ) |
| | Oracle Solaris cryptographic framework ( ) |
|
| context-level tokens, GSS-API ( ) |
|
| contexts |
| | GSS-API |
| | | acceptance ( ) |
| | | acceptance example ( ) |
| | | deletion ( ) |
| | | establishing ( ) |
| | | establishing example ( ) |
| | | exporting ( ) |
| | | getting acquisition information ( ) |
| | | gss-client example ( ) |
| | | import and export ( ) ( ) |
| | | introduction ( ) |
| | | other context services ( ) |
| | | releasing ( ) |
| | initiation in GSS-API ( ) |
|
| createMechOid() function ( ) |
|
| credentials |
| | cache ( ) |
| | delegation ( ) |
| | GSS-API ( ) ( ) |
| | | acquisition ( ) |
| | GSS-API default ( ) |
|
| CRL (Certificate Revocation List) ( ) |
|
| crypto pseudo device driver ( ) |
|
| cryptoadm pseudo device driver ( ) |
|
| cryptoadm utility ( ) |
|
| cryptographic checksum (MIC) ( ) |
|
| cryptographic framework, See Oracle Solaris cryptographic framework |
|
| cryptographic providers, Oracle Solaris cryptographic framework ( ) |
|
| cryptoki library, overview ( ) |
|
| CSR (Certificate Signing Request) ( ) |
| | | |
G |
|
| General Security Standard Application Programming Interface, See GSS-API |
|
| GetMechanismInfo() function ( ) |
|
| GetRandSlot() function ( ) |
|
| GetTokenInfo() function ( ) |
|
| gss_accept_sec_context() function ( ) ( ) |
| | GSS-API server example ( ) |
|
| gss_acquire_cred() function ( ) ( ) |
| | GSS-API server example ( ) |
|
| gss_add_cred() function ( ) ( ) |
|
| gss_add_oid_set_member() function ( ) |
|
| GSS-API |
| | acquiring credentials ( ) |
| | anonymous authentication ( ) |
| | anonymous name format ( ) |
| | channel bindings ( ) ( ) |
| | communication layers ( ) |
| | comparing names in ( ) |
| | confidentiality ( ) |
| | constructing OIDs ( ) |
| | context establishment example ( ) |
| | contexts |
| | | acceptance example ( ) |
| | | deallocation ( ) |
| | | expiration ( ) |
| | createMechOid() function ( ) |
| | credentials ( ) |
| | | expiration ( ) |
| | data types ( ) ( ) |
| | detecting out-of-sequence problems ( ) |
| | developing applications ( ) |
| | displaying status codes ( ) |
| | encryption ( ) ( ) |
| | exporting contexts ( ) ( ) |
| | files containing OID values ( ) |
| | functions ( ) |
| | generalized steps ( ) |
| | gss-client example |
| | | context deletion ( ) |
| | | contexts ( ) |
| | | sending messages ( ) |
| | | signature blocks ( ) |
| | gss-server example |
| | | signing messages ( ) |
| | | unwrapping messages ( ) |
| | gss_str_to_oid() function ( ) |
| | include files ( ) |
| | integrity ( ) |
| | interprocess tokens ( ) |
| | introduction ( ) |
| | Kerberos v5 status codes ( ) |
| | language bindings ( ) |
| | limitations ( ) |
| | mech file ( ) |
| | message transmission ( ) |
| | MICs ( ) |
| | minor-status codes ( ) |
| | miscellaneous sample functions |
| | | source code ( ) |
| | mutual authentication ( ) |
| | name types ( ) ( ) |
| | OIDs ( ) |
| | other context services ( ) |
| | outside references ( ) |
| | portability ( ) |
| | protecting channel-binding information ( ) |
| | QOP ( ) ( ) |
| | readable name syntax ( ) |
| | releasing contexts ( ) |
| | releasing stored data ( ) |
| | remote procedure calls ( ) |
| | replaced functions ( ) |
| | role in Oracle Solaris OS ( ) |
| | sample client application |
| | | description ( ) |
| | | source code ( ) |
| | sample server application |
| | | description ( ) |
| | | source code ( ) |
| | specifying non-default mechanisms ( ) |
| | specifying OIDs ( ) |
| | status code macros ( ) |
| | status codes ( ) ( ) ( ) |
| | supported credentials ( ) |
| | tokens ( ) |
| | | context-level ( ) |
| | | interprocess ( ) |
| | | per-message ( ) |
| | translation into GSS-API format ( ) |
| | wrap-size limits ( ) |
|
| gss_buffer_desc structure ( ) |
|
| gss_buffer_desc structure ( ) |
|
| gss_buffer_t pointer ( ) |
|
| GSS_C_ACCEPT credential ( ) |
|
| GSS_C_BOTH credential ( ) |
|
| GSS_C_INITIATE credential ( ) |
|
| GSS_CALLING_ERROR macro ( ) ( ) |
|
| gss_canonicalize_name() function ( ) ( ) |
|
| gss_channel_bindings_structure structure ( ) |
|
| gss_channel_bindings_t data type ( ) |
|
| gss-client example |
| | context deletion ( ) |
| | obtaining context status ( ) |
| | restoring contexts ( ) |
| | saving contexts ( ) |
| | sending messages ( ) |
| | signature blocks ( ) |
|
| gss-client sample application ( ) |
|
| gss_compare_name() function ( ) ( ) ( ) |
|
| gss_context_time() function ( ) |
|
| gss_create_empty_oid_set() function ( ) |
|
| gss_delete_oid() function ( ) |
|
| gss_delete_sec_context() function ( ) ( ) |
| | releasing contexts ( ) |
|
| gss_display_name() function ( ) ( ) |
|
| gss_display_status() function ( ) ( ) |
|
| gss_duplicate_name() function ( ) |
|
| gss_export_context() function ( ) |
|
| gss_export_name() function ( ) |
|
| gss_export_sec_context() function ( ) ( ) |
|
| gss_get_mic() function ( ) ( ) ( ) |
| | comparison with gss_wrap()function ( ) |
| | GSS-API server example ( ) |
|
| gss_import_name() function ( ) ( ) |
| | GSS-API client example ( ) |
| | GSS-API server example ( ) |
|
| gss_import_sec_context() function ( ) ( ) |
|
| gss_indicate_mechs() function ( ) |
|
| gss_init_sec_context() function ( ) ( ) ( ) |
| | GSS-API client example ( ) |
| | use in anonymous authentication ( ) |
| | use in mutual authentication ( ) |
|
| gss_inquire_context() function ( ) |
|
| gss_inquire_context function ( ) |
|
| gss_inquire_cred() function ( ) |
|
| gss_inquire_cred_by_mech() function ( ) |
|
| gss_inquire_mechs_for_name() function ( ) |
|
| gss_inquire_names_for_mech() function ( ) |
|
| gss_OID_desc structure ( ) |
|
| gss_OID pointer ( ) |
|
| gss_OID_set_desc structure ( ) |
|
| gss_OID_set_desc structure ( ) |
|
| gss_OID_set pointer ( ) |
|
| gss_oid_to_str() function ( ) |
|
| gss_process_context_token() function ( ) |
|
| gss_release_buffer() function ( ) ( ) |
|
| gss_release_cred() function ( ) ( ) |
| | GSS-API server example ( ) |
|
| gss_release_name() function ( ) ( ) |
| | releasing stored data ( ) |
|
| gss_release_oid() function |
| | GSS-API client example ( ) |
| | GSS-API server example ( ) |
|
| gss_release_oid_set() function ( ) ( ) |
|
| GSS_ROUTINE_ERROR macro ( ) ( ) |
|
| gss_seal() function ( ) |
|
| gss-server example |
| | signing messages ( ) |
| | unwrapping messages ( ) |
|
| gss-server sample application ( ) |
|
| gss_sign() function ( ) |
|
| gss_str_to_oid() function ( ) ( ) |
|
| GSS_SUPPLEMENTARY_INFO macro ( ) ( ) |
|
| gss_test_oid_set_member() function ( ) |
|
| gss_unseal() function ( ) |
|
| gss_unwrap() function ( ) |
| | GSS-API server example ( ) |
|
| gss_verify() function ( ) |
|
| gss_verify_mic() function ( ) |
|
| gss_wrap() function ( ) ( ) ( ) |
| | comparison with gss_get_mic() function ( ) |
| | wrapping messages ( ) |
|
| gss_wrap_size_limit() function ( ) ( ) |
|
| gssapi.h file ( ) |
|
| guidelines for privileged applications ( ) |
| | | |
O |
|
| Object Identifiers, See OIDs |
|
| OCSP (Online Certificate Status Protocol) ( ) |
|
| OIDs |
| | constructing ( ) |
| | deallocation of ( ) |
| | GSS-API ( ) |
| | sets ( ) |
| | specifying ( ) ( ) |
| | types of data stored as ( ) |
|
| Online Certificate Status Protocol (OCSP) ( ) |
|
| Oracle Solaris cryptographic framework |
| | architecture ( ) |
| | crypto pseudo device driver ( ) |
| | cryptoadm pseudo device driver ( ) |
| | cryptoadm utility ( ) |
| | cryptographic providers ( ) |
| | cryptoki library ( ) |
| | design requirements |
| | | kernel-level consumers ( ) |
| | | kernel-level providers ( ) |
| | | special treatment of _fini() function ( ) |
| | | user-level consumers ( ) |
| | | user-level providers ( ) |
| | elfsign utility ( ) |
| | examples |
| | | message digest ( ) |
| | | random byte generation ( ) |
| | | signing and verifying messages ( ) |
| | | symmetric encryption ( ) |
| | introduction ( ) |
| | kernel programmer interface ( ) |
| | libpkcs11.so ( ) |
| | modules verification library ( ) |
| | packaging applications ( ) |
| | pkcs11_kernel.so ( ) |
| | pkcs11_softtoken.so ( ) |
| | pluggable interface ( ) |
| | role in Oracle Solaris OS ( ) |
| | scheduler / load balancer ( ) ( ) |
| | SPI |
| | | kernel level ( ) |
|
| Oracle Solaris Enterprise Authentication Mechanism, See SEAM |
|
| out-of-sequence problems, GSS-API ( ) |
| | | |
P |
|
| packaging cryptographic applications ( ) |
|
| PAM ( ) |
| | authentication process ( ) |
| | configuration file |
| | | introduction ( ) |
| | consumer application example ( ) |
| | framework ( ) |
| | items ( ) |
| | library ( ) |
| | requirements for PAM consumers ( ) |
| | role in Oracle Solaris OS ( ) |
| | service modules ( ) |
| | service provider example ( ) |
| | service provider requirements ( ) |
| | writing conversation functions ( ) |
|
| pam.conf file, See PAM configuration file |
|
| pam_end() function ( ) |
|
| pam_getenvlist() function ( ) |
|
| pam_open_session() function ( ) |
|
| pam_set_item() function ( ) |
|
| pam_setcred() function ( ) |
|
| pam_start() function ( ) |
|
| parse_oid() function ( ) |
| | GSS-API client example ( ) |
|
| per-message tokens, GSS-API ( ) |
|
| permitted privilege set, defined ( ) |
|
| PKCS #11 |
| | C_GetInfo() function ( ) |
| | C_GetMechanismList() function ( ) |
| | C_GetSlotList() function ( ) |
| | C_GetTokenInfo() function ( ) |
| | C_Initialize() function ( ) |
| | C_OpenSession() function ( ) |
| | function list ( ) |
| | pkcs11_softtoken.so module ( ) |
| | SUNW_C_GetMechSession() function ( ) ( ) |
|
| pkcs11_kernel.so library, Oracle Solaris cryptographic framework ( ) |
|
| pkcs11_softtoken.so library, Oracle Solaris cryptographic framework ( ) |
|
| PKI (Public Key Infrastructure) ( ) |
|
| pktool(1) key management tool ( ) |
|
| plug-ins |
| | Oracle Solaris cryptographic framework ( ) |
| | SASL ( ) |
|
| pluggable authentication module, See PAM |
|
| pluggable interface, Oracle Solaris cryptographic framework ( ) |
|
| principals, GSS-API ( ) |
|
| PRIV_FILE_LINK_ANY ( ) |
|
| PRIV_OFF flag ( ) |
|
| PRIV_ON flag ( ) |
|
| PRIV_PROC_EXEC ( ) |
|
| PRIV_PROC_FORK ( ) |
|
| PRIV_PROC_INFO ( ) |
|
| PRIV_PROC_SESSION ( ) |
|
| PRIV_SET flag ( ) |
|
| priv_set_t structure ( ) |
|
| priv_str_to_set() function, synopsis ( ) |
|
| priv_t type ( ) |
|
| privilege sets, defined ( ) |
|
| privileged applications, defined ( ) |
|
| privileges |
| | assignment ( ) |
| | bracketing in the least privilege model ( ) |
| | bracketing in the superuser model ( ) |
| | categories ( ) |
| | | IPC ( ) |
| | | process ( ) |
| | | system ( ) |
| | | System V IPC ( ) |
| | code example ( ) |
| | compatibility with superuser ( ) |
| | data types ( ) |
| | defined ( ) |
| | interfaces ( ) |
| | introduction ( ) |
| | operation flags ( ) |
| | overview ( ) |
| | priv_str_to_set() function ( ) |
| | privilege ID data type ( ) |
| | required header file ( ) |
| | setppriv() function ( ) |
| | use in application development ( ) |
|
| process privileges ( ) |
| | See privileges | |
|
| protecting data, GSS-API ( ) |
|
| providers |
| | defined ( ) |
| | Oracle Solaris cryptographic framework ( ) ( ) |
| | packaging kernel-level applications ( ) |
| | packaging user-level applications ( ) |
|
| Public Key Infrastructure (PKI) ( ) |
| | | |
S |
|
| SASL |
| | architecture ( ) |
| | authentication ( ) |
| | authid ( ) |
| | auxprop plug-ins ( ) |
| | callbacks |
| | | SASL_CB_AUTHNAME ( ) |
| | | SASL_CB_CANON_USER ( ) |
| | | SASL_CB_ECHOPROMPT ( ) |
| | | SASL_CB_GETCONF ( ) |
| | | SASL_CB_GETOPT ( ) |
| | | SASL_CB_GETPATH ( ) |
| | | SASL_CB_GETREALM ( ) |
| | | SASL_CB_LANGUAGE ( ) |
| | | SASL_CB_LOG ( ) |
| | | SASL_CB_NOECHOPROMPT ( ) |
| | | SASL_CB_PASS ( ) |
| | | SASL_CB_PROXY_POLICY ( ) |
| | | SASL_CB_SERVER_USERDB_CHECKPASS ( ) |
| | | SASL_CB_SERVER_USERDB_SETPASS ( ) |
| | | SASL_CB_USER ( ) |
| | | SASL_CB_VERIFYFILE ( ) |
| | canonicalization ( ) |
| | client sample application ( ) |
| | confidentiality ( ) |
| | connection contexts ( ) |
| | functions ( ) |
| | integrity ( ) |
| | library ( ) |
| | libsasl API ( ) |
| | libsasl initialization ( ) |
| | life cycle ( ) |
| | mechanisms ( ) |
| | overview ( ) |
| | plug-in design ( ) |
| | | client plug-ins ( ) |
| | | overview ( ) |
| | | server plug-ins ( ) |
| | | structures ( ) |
| | reference tables ( ) |
| | releasing resources ( ) |
| | releasing sessions ( ) |
| | role in Oracle Solaris OS ( ) |
| | sample functions ( ) |
| | sample output ( ) |
| | server sample application ( ) |
| | session initialization ( ) |
| | setting SSF ( ) |
| | SPI ( ) |
| | SSF ( ) |
| | userid ( ) |
|
| sasl_canonuser_plug_nit() function ( ) |
|
| SASL_CB_AUTHNAME callback ( ) |
|
| SASL_CB_CANON_USER callback ( ) |
|
| SASL_CB_ECHOPROMPT callback ( ) |
|
| SASL_CB_GETCONF callback ( ) |
|
| SASL_CB_GETOPT callback ( ) |
|
| SASL_CB_GETPATH callback ( ) |
|
| SASL_CB_GETREALM callback ( ) |
|
| SASL_CB_LANGUAGE callback ( ) |
|
| SASL_CB_LOG callback ( ) |
|
| SASL_CB_NOECHOPROMPT callback ( ) |
|
| SASL_CB_PASS callback ( ) |
|
| SASL_CB_PROXY_POLICY callback ( ) |
|
| SASL_CB_SERVER_USERDB_CHECKPASS callback ( ) |
|
| SASL_CB_SERVER_USERDB_SETPASS callback ( ) |
|
| SASL_CB_USER callback ( ) |
|
| SASL_CB_VERIFYFILE callback ( ) |
|
| sasl_client_add_plugin() function ( ) |
|
| sasl_client_init() function ( ) ( ) |
|
| sasl_client_new() function, SASL life cycle ( ) |
|
| sasl_client_start() function, SASL life cycle ( ) |
|
| SASL_CONTINUE flag ( ) |
|
| sasl_decode() function ( ) |
|
| sasl_dispose() function ( ) ( ) |
|
| sasl_done() function ( ) ( ) |
|
| sasl_encode() function ( ) |
|
| sasl_getprop() function, checking SSF ( ) |
|
| SASL_INTERACT flag ( ) |
|
| SASL_OK flag ( ) |
|
| sasl_server_add_plugin() function ( ) |
|
| sasl_server_init() function ( ) ( ) |
|
| sasl_server_new() function, SASL life cycle ( ) |
|
| sasl_server_start() function, SASL life cycle ( ) |
|
| SEAM, GSS-API ( ) |
|
| security context, See contexts |
|
| security flavor ( ) |
|
| security mechanisms, See GSS-API |
|
| security policy, privileged application guidelines ( ) |
|
| security strength factor, See SSF |
|
| send_token() function, GSS-API client example ( ) |
|
| sequence problems, GSS-API ( ) |
|
| server_acquire_creds() function, GSS-API server example ( ) |
|
| server_establish_context() function, GSS-API server example ( ) |
|
| server plug-ins, SASL ( ) |
|
| service provider interface, See SPI |
|
| session management, PAM service module ( ) |
|
| session objects, Oracle Solaris cryptographic framework ( ) |
|
| setppriv() function, synopsis ( ) |
|
| shell escapes, and privileges ( ) |
|
| sign_server() function |
| | GSS-API client example ( ) |
| | GSS-API server example ( ) |
|
| signature blocks |
| | GSS-API |
| | | gss-client example ( ) |
|
| signing messages, GSS-API ( ) |
|
| signing messages example, Oracle Solaris cryptographic framework ( ) |
|
| signing packages ( ) |
|
| Simple Authentication and Security Layer, See SASL |
|
| slots, Oracle Solaris cryptographic framework ( ) |
|
| soft tokens, Oracle Solaris cryptographic framework ( ) |
|
| specifying a QOP ( ) |
|
| specifying mechanisms in GSS-API ( ) |
|
| specifying OIDs ( ) |
|
| SPI |
| | Oracle Solaris cryptographic framework |
| | | kernel level ( ) |
| | | user level ( ) |
|
| SSF |
| | defined ( ) |
| | setting ( ) ( ) |
|
| status codes |
| | GSS-API ( ) ( ) |
| | major ( ) |
| | minor ( ) |
|
| strings, GSS-API ( ) |
|
| SUNW_C_GetMechSession() function ( ) ( ) |
| | digest message example ( ) |
| | symmetric encryption example ( ) |
|
| symmetric encryption |
| | Oracle Solaris cryptographic framework |
| | | example ( ) |
|
| system privileges ( ) |
|
| System V IPC privileges ( ) |