i5/OS Global Secure Toolkit (GSKit) APIs

i5/OS^(TM) GSkit APIs, when used in addition to the existing i5/OS Sockets APIs, provide the functions required for applications to establish secure communications. An application using GSKit for secure communications basically is a client/server application written using sockets.

The Global Secure Toolkit (GSKit) APIs are:

• gsk_attribute_get_buffer() (Get character information about a secure session or an SSL environment) is used to obtain specific character string information about a secure session or an SSL environment.
• gsk_attribute_get_cert_info() (Get information about a local or partner certificate) is used to obtain specific information about either the server or client certificate for a secure session or an SSL environment.
• gsk_attribute_get_enum() (Get enumerated information for a secure session or an SSL environment) is used to obtain values for specific enumerated data for a secure session or an SSL environment.
• gsk_attribute_get_numeric_value() (Get numeric information about a secure session or an SSL environment) is used to obtain specific numeric information about a secure session or an SSL environment.
• gsk_attribute_set_buffer() (Set character information for a secure session or an SSL environment) is used to set a specified buffer attribute to a value inside the specified secure session or SSL environment.
• gsk_attribute_set_callback() (Set callback pointers to routines in the user application) is used to set callback callback pointers to routines in the user application.
• gsk_attribute_set_enum() (Set enumerated information for a secure session or an SSL environment) is used to set a specified enumerated type attribute to an enumerated value in the secure session or SSL environment.
• gsk_attribute_set_numeric_value() (Set numeric information for a secure session or an SSL environment) is used to set specific numeric information for a secure session or an SSL environment.
• gsk_environment_close() (Close an SSL environment) is used to close the SSL environment and release all storage associated with the environment.
• gsk_environment_init() (Initialize an SSL environment) is used to initialize the SSL environment after any required attributes are set.
• gsk_environment_open() (Get a handle for an SSL environment) is used to get storage for the SSL environment.
• gsk_secure_soc_close() (Close a secure session) is used to close a secure session and free all the associated resources for that secure session.
• gsk_secure_soc_init() (Negotiate a secure session) is used to negotiate a secure session, using the attributes set for the SSL environment and the secure session.
• gsk_secure_soc_misc() (Perform miscellaneous functions for a secure session) is used to perform miscellaneous functions for a secure session.
• gsk_secure_soc_open() (Get a handle for a secure session) is used to get storage for a secure session, set default values for attributes, and return a handle that must be saved and used on secure session-related function calls.
• gsk_secure_soc_read() (Receive data on a secure session) is used by a program to receive data from a secure session.
• gsk_secure_soc_startInit() (Start asynchronous operation to negotiate a secure session) initiates an asynchronous negotiation of a secure session, using the attributes set for the SSL environment and the secure session.
• gsk_secure_soc_startRecv() (Start asynchronous receive operation on a secure session) is used to initiate an asynchronous receive operation on a secure session.
• gsk_secure_soc_startSend() (Start asynchronous send operation on a secure session) is used to initiate an asynchronous send operation on a secure session.
• gsk_secure_soc_write() (Send data on a secure session) is used by a program to write data on a secure session.
• gsk_strerror() (Retrieve GSKit runtime error message) is used to retrieve an error message and associated text string that describes a return value that was returned from calling a GSKit API.

Note: These functions use header (include) files from the library QSYSINC, which is optionally installable. Make sure QSYSINC is installed on your system before using any of the functions. See Header Files for UNIX-Type Functions for the file and member name of each header file.

See the following examples in the Socket programming topic for more information:

• Example: GSKit secure server with asynchronous data receive
• Example: GSKit secure server with asynchronous handshake
• Example: Establish a secure client with GSKit APIs