3.4.6 GSS_WrapEx() Call

This call is an extension to GSS_Wrap [RFC2743] that passes multiple buffers.<79>

Inputs:

  • context_handle CONTEXT HANDLE

  • qop_req INTEGER, -- 0 specifies default QOP

  • input_message ORDERED LIST of:

    • conf_req_flag BOOLEAN

    • sign BOOLEAN

    • data OCTET STRING

Outputs:

  • major_status INTEGER

  • minor_status INTEGER

  • output_message ORDERED LIST (in same order as input_message) of:

    • conf_state BOOLEAN

    • signed BOOLEAN

    • data OCTET STRING

  • signature OCTET STRING

This call is identical to GSS_Wrap, except that it supports multiple input buffers.

The input data can be a list of security buffers.

Input data buffers for which conf_req_flag==TRUE are encrypted (section 3.4.3, Message Confidentiality) in output_message.

For NTLMv1, input data buffers for which sign==TRUE are included in the message signature. For NTLMv2, all input data buffers are included in the message signature (section 3.4.6.1).