GSS_VERIFY_MIC(3GSS) Generic Security Services API Library Functions
NAME
gss_verify_mic - verify integrity of a received message
SYNOPSIS
cc [
flag... ]
file...
-lgss [
library... ]
#include <gssapi/gssapi.h>
OM_uint32 gss_verify_mic(
OM_uint32 *minor_status,
const gss_ctx_id_t context_handle,
const gss_buffer_t message_buffer,
const gss_buffer_t token_buffer,
gss_qop_t *qop_state);
DESCRIPTION
The
gss_verify_mic() function verifies that a cryptographic
MIC,
contained in the token parameter, fits the supplied message. The
qop_state parameter allows a message recipient to determine the
strength of protection that was applied to the message.
Since some application-level protocols may wish to use tokens emitted
by
gss_wrap(3GSS) to provide secure framing, the
GSS-API supports the
calculation and verification of
MICs over zero-length messages.
PARAMETERS
The parameter descriptions for
gss_verify_mic() follow:
minor_status The status code returned by the underlying
mechanism.
context_handle Identifies the context on which the message
arrived.
message_buffer The message to be verified.
token_buffer The token associated with the message.
qop_state Specifies the quality of protection gained from the
MIC. Specify
NULL if this parameter is not
required.
ERRORS
gss_verify_mic() may return the following status codes:
GSS_S_COMPLETE Successful completion.
GSS_S_DEFECTIVE_TOKEN The token failed consistency checks.
GSS_S_BAD_SIG The
MIC was incorrect.
GSS_S_DUPLICATE_TOKEN The token was valid and contained a correct
MIC for the message, but it had already been
processed.
GSS_S_OLD_TOKEN The token was valid and contained a correct
MIC for the message, but it is too old to
check for duplication.
GSS_S_UNSEQ_TOKEN The token was valid and contained a correct
MIC for the message, but it has been
verified out of sequence; a later token has
already been received.
GSS_S_GAP_TOKEN The token was valid and contained a correct
MIC for the message, but it has been
verified out of sequence; an earlier
expected token has not yet been received.
GSS_S_CONTEXT_EXPIRED The context has already expired.
GSS_S_NO_CONTEXT The
context_handle parameter did not
identify a valid context.
GSS_S_FAILURE The underlying mechanism detected an error
for which no specific
GSS status code is
defined. The mechanism-specific status code
reported by means of the
minor_status parameter details the error condition.
ATTRIBUTES
See
attributes(7) for descriptions of the following attributes:
+---------------+-----------------+
|ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+---------------+-----------------+
|MT-Level | Safe |
+---------------+-----------------+
SEE ALSO
gss_wrap(3GSS),
attributes(7) Solaris Security for Developers Guide January 15, 2003 GSS_VERIFY_MIC(3GSS)
