1gss_verify_mic(3GGSeSn)eric Security Services API Library Functgisosn_sverify_mic(3GSS)
2
3
4
6 gss_verify_mic - verify integrity of a received message
7
9 cc [ flag... ] file... -lgss [ library... ]
10 #include <gssapi/gssapi.h>
11
12 OM_uint32 gss_verify_mic(OM_uint32 *minor_status,
13 const gss_ctx_id_t context_handle, const gss_buffer_t message_buffer,
14 const gss_buffer_t token_buffer, gss_qop_t *qop_state);
15
16
18 The gss_verify_mic() function verifies that a cryptographic MIC, con‐
19 tained in the token parameter, fits the supplied message. The qop_state
20 parameter allows a message recipient to determine the strength of pro‐
21 tection that was applied to the message.
22
23
24 Since some application-level protocols may wish to use tokens emitted
25 by gss_wrap(3GSS) to provide secure framing, the GSS-API supports the
26 calculation and verification of MICs over zero-length messages.
27
29 The parameter descriptions for gss_verify_mic() follow:
30
31 minor_status The status code returned by the underlying mechanism.
32
33
34 context_handle Identifies the context on which the message arrived.
35
36
37 message_buffer The message to be verified.
38
39
40 token_buffer The token associated with the message.
41
42
43 qop_state Specifies the quality of protection gained from the
44 MIC. Specify NULL if this parameter is not required.
45
46
48 gss_verify_mic() may return the following status codes:
49
50 GSS_S_COMPLETE Successful completion.
51
52
53 GSS_S_DEFECTIVE_TOKEN The token failed consistency checks.
54
55
56 GSS_S_BAD_SIG The MIC was incorrect.
57
58
59 GSS_S_DUPLICATE_TOKEN The token was valid and contained a correct
60 MIC for the message, but it had already been
61 processed.
62
63
64 GSS_S_OLD_TOKEN The token was valid and contained a correct
65 MIC for the message, but it is too old to
66 check for duplication.
67
68
69 GSS_S_UNSEQ_TOKEN The token was valid and contained a correct
70 MIC for the message, but it has been verified
71 out of sequence; a later token has already
72 been received.
73
74
75 GSS_S_GAP_TOKEN The token was valid and contained a correct
76 MIC for the message, but it has been verified
77 out of sequence; an earlier expected token has
78 not yet been received.
79
80
81 GSS_S_CONTEXT_EXPIRED The context has already expired.
82
83
84 GSS_S_NO_CONTEXT The context_handle parameter did not identify
85 a valid context.
86
87
88 GSS_S_FAILURE The underlying mechanism detected an error for
89 which no specific GSS status code is defined.
90 The mechanism-specific status code reported by
91 means of the minor_status parameter details
92 the error condition.
93
94
96 See attributes(5) for descriptions of the following attributes:
97
98
99
100
101 ┌─────────────────────────────┬─────────────────────────────┐
102 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
103 ├─────────────────────────────┼─────────────────────────────┤
104 │Availability │SUNWgss (32-bit) │
105 ├─────────────────────────────┼─────────────────────────────┤
106 │ │SUNWgssx (64-bit) │
107 ├─────────────────────────────┼─────────────────────────────┤
108 │MT-Level │Safe │
109 └─────────────────────────────┴─────────────────────────────┘
110
112 gss_wrap(3GSS), attributes(5)
113
114
115 Solaris Security for Developers Guide
116
117
118
119SunOS 5.11 15 Jan 2003 gss_verify_mic(3GSS)