The following table lists the functions of the GSS-API. For more information on each function, see its man page. See also Functions From Previous Versions of the GSS-API.
Table B–1 GSS-API Functions
Function |
Description |
---|---|
gss_acquire_cred() |
Assume a global identity; obtain a GSS-API credential handle for pre-existing credentials |
gss_add_cred() |
Construct credentials incrementally |
gss_inquire_cred() |
Obtain information about a credential |
gss_inquire_cred_by_mech() |
Obtain per-mechanism information about a credential |
gss_release_cred() |
Discard a credential handle |
gss_init_sec_context() |
Initiate a security context with a peer application |
gss_accept_sec_context() |
Accept a security context initiated by a peer application |
gss_delete_sec_context() |
Discard a security context |
gss_process_context_token() |
Process a token on a security context from a peer application |
gss_context_time() |
Determine for how long a context will remain valid |
gss_inquire_context() |
Obtain information about a security context |
gss_wrap_size_limit() |
Determine token-size limit for gss_wrap() on a context |
gss_export_sec_context() |
Transfer a security context to another process |
gss_import_sec_context() |
Import a transferred context |
gss_get_mic() |
Calculate a cryptographic message integrity code (MIC) for a message; integrity service |
gss_verify_mic() |
Check a MIC against a message; verify integrity of a received message |
gss_wrap() |
Attach a MIC to a message, and optionally encrypt the message content |
gss_unwrap() |
Verify a message with attached MIC, and decrypt message content if necessary |
gss_import_name() |
Convert a contiguous string name to internal-form |
gss_display_name() |
Convert internal-form name to text |
gss_compare_name() |
Compare two internal-form names |
gss_release_name() |
Discard an internal-form name |
gss_inquire_names_for_mech() |
List the name types supported by the specified mechanism |
gss_inquire_mechs_for_name() |
List mechanisms that support the specified name type |
gss_canonicalize_name() |
Convert an internal name to an MN |
gss_export_name() |
Convert an MN to export form |
gss_duplicate_name() |
Create a copy of an internal name |
gss_add_oid_set_member() |
Add an object identifier to a set |
gss_display_status() |
Convert a GSS-API status code to text |
gss_indicate_mechs() |
Determine available underlying authentication mechanisms |
gss_release_buffer() |
Discard a buffer |
gss_release_oid_set() |
Discard a set of object identifiers |
gss_create_empty_oid_set() |
Create a set containing no object identifiers |
gss_test_oid_set_member() |
Determine whether an object identifier is a member of a set |
This section explains functions that were included in previous versions of the GSS-API.
OID
sThe following functions are supported by the Sun implementation of the GSS-API for convenience and for backward compatibility with programs written for older versions of the GSS-API. However, they should not be relied upon, as they might not be supported by other implementations of the GSS-API.
Although these functions make it possible to convert a mechanism's name from a string to an OID, programmers should use the default GSS-API mechanism, instead of specifying one, if at all possible.
The following functions have been supplanted by newer functions. In each case, the new function is the functional equivalent of the old one. Although the old functions are supported, developers should replace them with the newer functions whenever possible.