Cross Reference: /solaris-userland/components/krb5/Solaris/man/gss_verify_mic.3gss

te
Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.

gss_verify_mic 3GSS "22 Aug 2011" "SunOS 5.12" "Generic Security Services API Library Functions"

NAME

gss_verify_mic - verify integrity of a received message

SYNOPSIS

cc [ flag... ] file... -lgss [ library... ] 
#include <gssapi/gssapi.h>

OM_uint32 gss_verify_mic(OM_uint32 *minor_status,
 const gss_ctx_id_t context_handle, const gss_buffer_t message_buffer,
 const gss_buffer_t token_buffer, gss_qop_t *qop_state);

DESCRIPTION

The gss_verify_mic() function verifies that a cryptographic MIC, contained in the token parameter, fits the supplied message. The qop_state parameter allows a message recipient to determine the strength of protection that was applied to the message.

Since some application-level protocols may wish to use tokens emitted by gss_wrap(3GSS) to provide secure framing, the GSS-API supports the calculation and verification of MICs over zero-length messages.

PARAMETERS

The parameter descriptions for gss_verify_mic() follow:

minor_status

The status code returned by the underlying mechanism.

context_handle

Identifies the context on which the message arrived.

message_buffer

The message to be verified.

token_buffer

The token associated with the message.

qop_state

Specifies the quality of protection gained from the MIC. Specify NULL if this parameter is not required.

ERRORS

gss_verify_mic() may return the following status codes:

GSS_S_COMPLETE

Successful completion.

GSS_S_DEFECTIVE_TOKEN

The token failed consistency checks.

GSS_S_BAD_SIG

The MIC was incorrect.

GSS_S_DUPLICATE_TOKEN

The token was valid and contained a correct MIC for the message, but it had already been processed.

GSS_S_OLD_TOKEN

The token was valid and contained a correct MIC for the message, but it is too old to check for duplication.

GSS_S_UNSEQ_TOKEN

The token was valid and contained a correct MIC for the message, but it has been verified out of sequence; a later token has already been received.

GSS_S_GAP_TOKEN

The token was valid and contained a correct MIC for the message, but it has been verified out of sequence; an earlier expected token has not yet been received.

GSS_S_CONTEXT_EXPIRED

The context has already expired.

GSS_S_NO_CONTEXT

The context_handle parameter did not identify a valid context.

GSS_S_FAILURE

The underlying mechanism detected an error for which no specific GSS status code is defined. The mechanism-specific status code reported by means of the minor_status parameter details the error condition.

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:


ATTRIBUTE TYPE	ATTRIBUTE VALUE
MT-Level	Safe

SEE ALSO

gss_wrap(3GSS), attributes(5)