gss_verify_mic(3Generic Security Services API Library Funcgss_verify_mic(3GSS)NAMEgss_verify_mic - verify integrity of a received message
SYNOPSIS
cc [ flag... ] file... -lgss [ library... ]
#include <gssapi/gssapi.h>
OM_uint32 gss_verify_mic(OM_uint32 *minor_status,
const gss_ctx_id_t context_handle, const gss_buffer_t message_buffer,
const gss_buffer_t token_buffer, gss_qop_t *qop_state);
DESCRIPTION
The gss_verify_mic() function verifies that a cryptographic MIC, con‐
tained in the token parameter, fits the supplied message. The qop_state
parameter allows a message recipient to determine the strength of pro‐
tection that was applied to the message.
Since some application-level protocols may wish to use tokens emitted
by gss_wrap(3GSS) to provide secure framing, the GSS-API supports the
calculation and verification of MICs over zero-length messages.
PARAMETERS
The parameter descriptions for gss_verify_mic() follow:
minor_status The status code returned by the underlying mechanism.
context_handle Identifies the context on which the message arrived.
message_buffer The message to be verified.
token_buffer The token associated with the message.
qop_state Specifies the quality of protection gained from the
MIC. Specify NULL if this parameter is not required.
ERRORSgss_verify_mic() may return the following status codes:
GSS_S_COMPLETE Successful completion.
GSS_S_DEFECTIVE_TOKEN The token failed consistency checks.
GSS_S_BAD_SIG The MIC was incorrect.
GSS_S_DUPLICATE_TOKEN The token was valid and contained a correct
MIC for the message, but it had already been
processed.
GSS_S_OLD_TOKEN The token was valid and contained a correct
MIC for the message, but it is too old to
check for duplication.
GSS_S_UNSEQ_TOKEN The token was valid and contained a correct
MIC for the message, but it has been verified
out of sequence; a later token has already
been received.
GSS_S_GAP_TOKEN The token was valid and contained a correct
MIC for the message, but it has been verified
out of sequence; an earlier expected token has
not yet been received.
GSS_S_CONTEXT_EXPIRED The context has already expired.
GSS_S_NO_CONTEXT The context_handle parameter did not identify
a valid context.
GSS_S_FAILURE The underlying mechanism detected an error for
which no specific GSS status code is defined.
The mechanism-specific status code reported by
means of the minor_status parameter details
the error condition.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
┌─────────────────────────────┬─────────────────────────────────────┐
│ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
├─────────────────────────────┼─────────────────────────────────────┤
│Availability │system/library/security/gss (32-bit) │
├─────────────────────────────┼─────────────────────────────────────┤
│ │SUNWgssx (64-bit) │
├─────────────────────────────┼─────────────────────────────────────┤
│MT-Level │Safe │
└─────────────────────────────┴─────────────────────────────────────┘
SEE ALSOgss_wrap(3GSS), attributes(5)
Solaris Security for Developers Guide
SunOS 5.11 15 Jan 2003 gss_verify_mic(3GSS)