- Method
verify_mic
int verify_mic(string message, string mic)
- Description
Verifies the origin and integrity of the given message using
the given mic , which has been calculated by the sender using
get_mic or some other GSS_GetMIC wrapper.
This wraps GSS_VerifyMIC according to RFC 2743 section
2.3.2.
This function requires that the context is established, or that
the early per-message protection service is available (c.f.
GSSAPI.PROT_READY_FLAG . If not, a
GSSAPI.MissingServicesError is thrown (but the context is not
closed).
- Returns
Zero is returned if the verification fails with
GSSAPI.DEFECTIVE_TOKEN or GSSAPI.BAD_MIC .
Otherwise the message origin and integrity checks out, but it
might still be considered wrong depending on whether the replay
detection or sequencing services are required (see
required_services ):
If replay detection (c.f. GSSAPI.REPLAY_FLAG ) is required
then zero is returned if the message is duplicated
(GSSAPI.DUPLICATE_TOKEN ) or old (GSSAPI.OLD_TOKEN ).
If sequencing (c.f. GSSAPI.SEQUENCE_FLAG ) is required then in
addition to the replay detection conditions, zero is also
returned if the message is out of sequence
(GSSAPI.UNSEQ_TOKEN or GSSAPI.GAP_TOKEN ).
Otherwise nonzero is returned to indicate that the message is
valid according to the currently required services.
- Throws
Any GSS-API errors except GSSAPI.DEFECTIVE_TOKEN and
GSSAPI.BAD_MIC are thrown.
- Note
This function sets the value returned by last_qop .
- Note
Regardless whether the message is considered valid or not by the
return value, last_major_status may be called to check for
routine errors or the informatory codes mentioned above.
GSSAPI.Context()->unwrap()