NAME

gss_verify_mic − Verify checksum of a message. 

SYNOPSIS

#include <gssapi/gssapi.h>
OM_uint32 gss_verify_mic(
        OM_uint32 ∗ minor_status,
        const gss_ctx_id_t context_handle,
        const gss_buffer_t message_buffer,
        const_gss_buffer_t token_buffer,
        gss_qop_t ∗ qop_state );

PARAMETERS

minor_status
Kerberos 5 error code.

context_handle
Security context that contains the session key used to verify the message and its checksum.

message_buffer
Message to be verified.

token_buffer
Buffer containing the token generated by gss_get_mic(). 

qop_state
Quality of protection (QOP) provided. Specify NULL if this information is not required. 

gss_get_mic() contains more information about QOPs. 

DESCRIPTION

The gss_verify_mic() function verifies that the checksum fits the specified message. This function is used in conjunction with gss_get_mic() to protect messages when they are transferred between an application and its peer. 

The qop_state parameter allows a message recipient to determine the strength of protection applied to the message.  gss_get_mic() contains more information about QOPs. 

Note

This function is a direct replacement for the gss_verify() function used in GSS-API version 1 compliant products, including the HP Application Security Toolkit. 

If the function returns the GSS_S_COMPLETE status, the checksum has been verified successfully. 

If the function returns GSS_S_FAILURE, the token may be out-of-sequence, old, or a replay. To check for these conditions in the supplementary information fields, AND the major status code with a named identifier. 

RETURN VALUES

SEE ALSO

Functions:  gss_accept_sec_context(3), gss_get_mic(3), gss_init_sec_context(3), gss_release_buffer(3)