gss_verify_mic - verify integrity of a received message
cc [ flag... ] file... -lgss [ library... ] #include <gssapi/gssapi.h> OM_uint32 gss_verify_mic(OM_uint32 *minor_status, const gss_ctx_id_t context_handle, const gss_buffer_t message_buffer, const gss_buffer_t token_buffer, gss_qop_t *qop_state);
Generic Security Services API Library Functions gss_verify_mic(3gss) NAME gss_verify_mic - verify integrity of a received message SYNOPSIS cc [ flag... ] file... -lgss [ library... ] #include <gssapi/gssapi.h> OM_uint32 gss_verify_mic(OM_uint32 *minor_status, const gss_ctx_id_t context_handle, const gss_buffer_t message_buffer, const gss_buffer_t token_buffer, gss_qop_t *qop_state); DESCRIPTION The gss_verify_mic() function verifies that a cryptographic MIC, con- tained in the token parameter, fits the supplied message. The qop_state parameter allows a message recipient to determine the strength of pro- tection that was applied to the message. Since some application-level protocols may wish to use tokens emitted by gss_wrap(3GSS) to provide secure framing, the GSS-API supports the calculation and verification of MICs over zero-length messages. PARAMETERS The parameter descriptions for gss_verify_mic() follow: minor_status The status code returned by the underlying mechanism. context_handle Identifies the context on which the message arrived. message_buffer The message to be verified. token_buffer The token associated with the message. qop_state Specifies the quality of protection gained from the MIC. Specify NULL if this parameter is not required. ERRORS gss_verify_mic() may return the following status codes: GSS_S_COMPLETE Successful completion. GSS_S_DEFECTIVE_TOKEN The token failed consistency checks. GSS_S_BAD_SIG The MIC was incorrect. GSS_S_DUPLICATE_TOKEN The token was valid and contained a correct MIC for the message, but it had already been processed. GSS_S_OLD_TOKEN The token was valid and contained a correct MIC for the message, but it is too old to check for duplication. GSS_S_UNSEQ_TOKEN The token was valid and contained a correct MIC for the message, but it has been verified out of sequence; a later token has already been received. GSS_S_GAP_TOKEN The token was valid and contained a correct MIC for the message, but it has been verified out of sequence; an earlier expected token has not yet been received. GSS_S_CONTEXT_EXPIRED The context has already expired. GSS_S_NO_CONTEXT The context_handle parameter did not identify a valid context. GSS_S_FAILURE The underlying mechanism detected an error for which no specific GSS status code is defined. The mechanism-specific status code reported by means of the minor_status parameter details the error condition. ATTRIBUTES See attributes(7) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |MT-Level |Safe | +-----------------------------+-----------------------------+ ATTRIBUTES See attributes(7) for descriptions of the following attributes: +---------------+------------------------+ |ATTRIBUTE TYPE | ATTRIBUTE VALUE | +---------------+------------------------+ |Availability | security/kerberos-5 | +---------------+------------------------+ |Stability | Pass-through committed | +---------------+------------------------+ SEE ALSO gss_wrap(3GSS), attributes(7) NOTES Source code for open source software components in Oracle Solaris can be found at https://www.oracle.com/downloads/opensource/solaris-source- code-downloads.html. This software was built from source available at https://github.com/oracle/solaris-userland. The original community source was downloaded from http://web.mit.edu/ker- beros/dist/krb5/1.18/krb5-1.18.4.tar.gz. Further information about this software can be found on the open source community website at http://web.mit.edu/kerberos/. Solaris 11.4 22 Aug 2011 gss_verify_mic(3gss)