gss_verify_mic(3)gss_verify_mic(3)NAMEgss_verify_mic - Verify checksum of a message.
SYNOPSIS
#include <gssapi/gssapi.h>
OM_uint32 gss_verify_mic(
OM_uint32 * minor_status,
const gss_ctx_id_t context_handle,
const gss_buffer_t message_buffer,
const_gss_buffer_t token_buffer,
gss_qop_t * qop_state );
PARAMETERS
Kerberos 5 error code. Security context that contains the session key
used to verify the message and its checksum. Message to be verified.
Buffer containing the token generated by gss_get_mic(). Quality of
protection (QOP) provided. Specify NULL if this information is not
required.
gss_get_mic() contains more information about QOPs.
DESCRIPTION
The gss_verify_mic() function verifies that the checksum fits the spec‐
ified message. This function is used in conjunction with gss_get_mic()
to protect messages when they are transferred between an application
and its peer.
The qop_state parameter allows a message recipient to determine the
strength of protection applied to the message. gss_get_mic() contains
more information about QOPs.
Note
This function is a direct replacement for the gss_verify() function
used in GSS-API version 1 compliant products, including the HP Applica‐
tion Security Toolkit.
If the function returns the GSS_S_COMPLETE status, the checksum has
been verified successfully.
If the function returns GSS_S_FAILURE, the token may be out-of-
sequence, old, or a replay. To check for these conditions in the sup‐
plementary information fields, AND the major status code with a named
identifier.
RETURN VALUES
GSS_S_CALL_INACCESSIBLE_READ 01xxxxxx
GSS_S_CALL_INACCESSIBLE_WRITE 02xxxxxx
GSS_S_COMPLETE 00000000
GSS_S_DEFECTIVE_TOKEN xx09xxxx
GSS_S_DUPLICATE_TOKEN xxxx0002
GSS_S_FAILURE xx0Dxxxx
GSS_S_NO_CONTEXT xx08xxxx
GSS_S_OLD_TOKEN xxxx0004
GSS_S_UNAVAILABLE xx10xxxx
GSS_S_UNSEQ_TOKEN xxxx0008
SEE ALSO
Functions: gss_accept_sec_context(3), gss_get_mic(3),
gss_init_sec_context(3), gss_release_buffer(3)gss_verify_mic(3)