flux_sign_wrap(3)¶
SYNOPSIS¶
#include <flux/security/sign.h>
const char *flux_sign_wrap (flux_security_t *ctx,
const void *buf,
int len,
const char *mech_type,
int flags);
const char *flux_sign_wrap_as (flux_security_t *ctx,
int64_t userid,
const void *buf,
int len,
const char *mech_type,
int flags);
DESCRIPTION¶
flux_sign_wrap()
wraps a payload defined by buf and len in a credential
suitable for unwrapping with flux_sign_unwrap(3). The signing user is
taken to be the userid returned by getuid(2). ctx is a Flux
security context from flux_security_create(3). mech_type selects the
signing mechanism, and may be set to NULL to select the default defined
by flux-config-security-sign(5). The flags parameter must be set to
zero. The function returns a NULL terminated credential string that remains
valid until flux_sign_wrap()
is called again. The caller should not
attempt to free the credential.
flux_sign_wrap_as()
is identical to flux_sign_wrap()
, except the
signing user may be explicitly specified with the userid parameter.
RETURN VALUE¶
flux_sign_wrap()
and flux_sign_wrap_as()
return a NULL terminated
credential on success, or NULL on failure with errno set. In addition, a human
readable error string may be retrieved using flux_security_last_error(3).
ERRORS¶
- EINVAL
Some arguments were invalid.
- ENOMEM
Out of memory.
RESOURCES¶
Flux: http://flux-framework.org
RFC 15: Independent Minister of Privilege for Flux: The Security IMP: https://flux-framework.readthedocs.io/projects/flux-rfc/en/latest/spec_15.html
SEE ALSO¶
flux_security_create(3), flux_security_unwrap(7), flux_security_last_error(3), flux-config-security-sign(5)