Generic Security Services API Library Functions
gssverifymic(3GS)
NAME
gssverifymic - verify integrity of a received message
SYNOPSIS
cc [ flag... ] file... -lgss [ library... ]
#include
OMuint32 gssverifymic(OMuint32 *minorstatus,
const gssctxidt contexthandle, const gssbuffert messagebuffer,
const gssbuffert tokenbuffer, gssqopt *qopstate);
DESCRIPTION
The gssverifymic() function verifies that a cryptographic
MIC, contained in the token parameter, fits the supplied
message. The qopstate parameter allows a message recipient
to determine the strength of protection that was applied to
the message.
Since some application-level protocols may wish to use
tokens emitted by gsswrap(3GS) to provide secure framing,
the GS-API supports the calculation and verification of
MICs over zero-length messages.
PARAMETERS
The parameter descriptions for gssverifymic() follow:
minorstatus The status code returned by the underlying
mechanism.
contexthandle Identifies the context on which the mes-
sage arrived.
messagebuffer The message to be verified.
tokenbuffer The token associated with the message.
qopstate Specifies the quality of protection gained
from the MIC. Specify NUL if this parame-
ter is not required.
ERORS
gssverifymic() may return the following status codes:
SunOS 5.11 Last change: 15 Jan 2003 1
Generic Security Services API Library Functions
gssverifymic(3GS)
GSCOMPLETE Successful completion.
GSDEFECTIVETOKEN The token failed consistency
checks.
GSBADSIG The MIC was incorrect.
GSDUPLICATETOKEN The token was valid and contained a
correct MIC for the message, but it
had already been processed.
GSOLDTOKEN The token was valid and contained a
correct MIC for the message, but it
is too old to check for duplica-
tion.
GSUNSEQTOKEN The token was valid and contained a
correct MIC for the message, but it
has been verified out of sequence;
a later token has already been
received.
GSGAPTOKEN The token was valid and contained a
correct MIC for the message, but it
has been verified out of sequence;
an earlier expected token has not
yet been received.
GSCONTEXTEXPIRED The context has already expired.
GSNOCONTEXT The contexthandle parameter did
not identify a valid context.
GSFAILURE The underlying mechanism detected
an error for which no specific GS
status code is defined. The
mechanism-specific status code
reported by means of the
minorstatus parameter details the
error condition.
SunOS 5.11 Last change: 15 Jan 2003 2
Generic Security Services API Library Functions
gssverifymic(3GS)
ATRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
ATRIBUTE TYPE ATRIBUTE VALUE
Availability SUNWgss (32-bit)
SUNWgssx (64-bit)
MT-Level Safe
SEE ALSO
gsswrap(3GS), attributes(5)
Solaris Security for Developers Guide
SunOS 5.11 Last change: 15 Jan 2003 3
Generic Security Services API Library Functions
gssverifymic(3GS)
SunOS 5.11 Last change: 15 Jan 2003 4
|
