The context management functions of the Security Support Provider Interface enable applications to create and use security contexts. A security context is the security data relevant to a connection, such as the session key and the duration of the session.
Both the client and server in a communication link must cooperate to create a security context. The client and server can then use the security context with the message support functions to ensure message integrity and privacy during the connection.
The context management functions use a context handle, which is an opaque object. The security provider dereferences a handle to access the security context. A context handle with the value {0xFFFFFFFF, 0xFFFFFFFF} is always invalid.
The following functions are used with context management.
Function | Description |
---|---|
AcceptSecurityContext | Create a security context based on an opaque message received from a client. |
ApplyControlToken | Apply a supplemental security message to an existing security context. |
DeleteSecurityContext | Free a security context and associated resources. |
FreeContextBuffer | Free a memory buffer allocated by a security provider. |
ImpersonateSecurityContext | Impersonate the security context to appear as the client to the system. |
InitializeSecurityContext | Initiate a security context by generating an opaque message that can be passed to a server. |
QueryContextAttributes | Query the attributes of a security context. |
RevertSecurityContext | Cease impersonating a security context. |
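
The handle rules above (the all-ones invalid value, one DeleteSecurityContext per context, every ImpersonateSecurityContext paired with a RevertSecurityContext) can be enforced with a small guard. This is an added sketch, not code from the SSPI documentation. The `ctx_handle` layout, the `guard_*` names and the injected `ctx_ops` callbacks are assumptions that stand in for the real provider calls so the block compiles without Windows headers.

```c
#include <stdbool.h>
#include <stdint.h>

typedef struct { uintptr_t lower, upper; } ctx_handle; /* stand-in, layout assumed */
#define CTX_INVALID ((uintptr_t)-1) /* all ones; 0xFFFFFFFF on 32-bit */

/* Injected provider calls (hypothetical wrappers, 0 = success). Real code would
   call ImpersonateSecurityContext, RevertSecurityContext, DeleteSecurityContext. */
typedef int (*ctx_fn)(ctx_handle *);
typedef struct { ctx_fn impersonate, revert, destroy; } ctx_ops;
typedef struct { ctx_handle h; bool impersonating; const ctx_ops *ops; } ctx_guard;

void guard_init(ctx_guard *g, const ctx_ops *ops) {
    g->h.lower = g->h.upper = CTX_INVALID; /* start from the invalid sentinel */
    g->impersonating = false; g->ops = ops;
}
bool guard_is_valid(const ctx_guard *g) {
    return g->h.lower != CTX_INVALID || g->h.upper != CTX_INVALID;
}
int guard_impersonate(ctx_guard *g) { /* refuse a never-established context */
    if (!guard_is_valid(g) || g->impersonating) return -1;
    if (g->ops->impersonate(&g->h) != 0) return -1;
    g->impersonating = true;
    return 0;
}
int guard_revert(ctx_guard *g) {
    if (g->impersonating && g->ops->revert(&g->h) != 0) return -1;
    g->impersonating = false;
    return 0;
}
int guard_release(ctx_guard *g) { /* revert first, delete at most once */
    if (guard_revert(g) != 0) return -1; /* still running as the client */
    if (!guard_is_valid(g)) return 0;
    int rc = g->ops->destroy(&g->h);
    g->h.lower = g->h.upper = CTX_INVALID; /* a second release is a no-op */
    return rc;
}

int n_imp, n_rev, n_del; /* constructed counting stubs so this runs offline */
int stub_imp(ctx_handle *h) { (void)h; n_imp++; return 0; }
int stub_rev(ctx_handle *h) { (void)h; n_rev++; return 0; }
int stub_del(ctx_handle *h) { (void)h; n_del++; return 0; }
const ctx_ops stub_ops = { stub_imp, stub_rev, stub_del };
int main(void) { /* constructed scenario: impersonate, then release twice */
    ctx_guard g; guard_init(&g, &stub_ops);
    g.h.lower = 0x10; g.h.upper = 0x20; /* pretend the handshake filled it */
    guard_impersonate(&g); guard_release(&g); guard_release(&g);
    return (n_rev == 1 && n_del == 1) ? 0 : 1;
}
```

If `guard_release` returns -1 because the revert failed, the thread is still running with the client's identity, so the caller should stop doing work on that thread rather than continue.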