|
HP Open Source Security for OpenVMS Volume 3: Kerberos > Chapter 5 GSSAPI (Generic Security Services Application
Programming Interface)
gss_verify_mic — Check that a cryptographic MIC fits the applied message
C Prototype | |
OM_uint32 gss_verify_mic( OM_uint32 * minor_status, gss_ctx_id_t context_handle, gss_buffer_t message_buffer, gss_buffer_t message_token, gss_qop_t * qop_state );
|
Arguments | |
minor_status
(output) | | An implementation-specific
status code. | context_handle (input) | | Specifies the context on
which the message arrived. | message_buffer (input) | | Specifies the message to
be verified. | message_token (input) | | Specifies the token to be
associated with the message. | qop_state (output) | | Returns the quality of protection
gained from the MIC. Specify NULL if not required. |
Description | |
This routine checks that a cryptographic MIC, contained in
the message_token argument, fits the message
in the message_buffer argument. The qop_state argument
allows a message recipient to determine the strength of protection
that was applied to the message. This routine is functionally equivalent to the gss_verify routine.
New code should use gss_verify_mic instead
of gss_verify. Although both routines
are supported, gss_verify has been deprecated
in the GSSAPI Version 2 specification. Return
Values | |
This routine returns one of the following GSS status codes: GSS_S_COMPLETE | Indicates that the message was successfully
verified. | GSS_S_DEFECTIVE_TOKEN | Indicates that consistency checks performed
on the received message_token failed, preventing
further processing from being performed with that token. | GSS_S_BAD_SIG | Indicates that the received message_token contains
an incorrect MIC for the message. | GSS_S_DUPLICATE_TOKEN | The message_token was
valid, and contained a correct MIC for the message, but is a duplicate
of a token already processed. This is a fatal error during context establishment. | GSS_S_OLD_TOKEN | The message_token was
valid, and contained a correct MIC for the message, but the message_token was
too old to check for duplication. This is a fatal error during context
establishment. | GSS_S_UNSEQ_TOKEN | Indicates that the cryptographic check
value on the received message was correct, and the message_token contained
a correct MIC, but the token has been verified out of sequence;
a later token has already been received. | GSS_S_GAP_TOKEN | Indicates that the cryptographic check
value on the received message was correct, and the message_token contained
a correct MIC, but the token has been verified out of sequence;
an earlier expected token has not yet been received. | GSS_S_CONTEXT_EXPIRED | Indicates that context-related data items
have expired, so that the requested operation cannot be performed | GSS_S_NO_CONTEXT | Indicates that no valid context was recognized
for the input context_handle provided. |
|
|