1 /*
2  * Copyright 2001-2002 Sun Microsystems, Inc.  All rights reserved.
3  * Use is subject to license terms.
4  */
5 
6 #pragma ident	"%Z%%M%	%I%	%E% SMI"
7 
8 /*
9  * Copyright 1993 by OpenVision Technologies, Inc.
10  *
11  * Permission to use, copy, modify, distribute, and sell this software
12  * and its documentation for any purpose is hereby granted without fee,
13  * provided that the above copyright notice appears in all copies and
14  * that both that copyright notice and this permission notice appear in
15  * supporting documentation, and that the name of OpenVision not be used
16  * in advertising or publicity pertaining to distribution of the software
17  * without specific, written prior permission. OpenVision makes no
18  * representations about the suitability of this software for any
19  * purpose.  It is provided "as is" without express or implied warranty.
20  *
21  * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
22  * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
23  * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
24  * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
25  * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
26  * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
27  * PERFORMANCE OF THIS SOFTWARE.
28  */
29 
30 #include <gssapiP_krb5.h>
31 
32 /*
33  * $Id: verify.c,v 1.11 1996/07/22 20:34:45 marc Exp $
34  */
35 /*ARGSUSED*/
36 OM_uint32
37 krb5_gss_verify(ctx, minor_status, context_handle,
38 		message_buffer, token_buffer,
39 		qop_state
40 #ifdef	 _KERNEL
41 		, gssd_ctx_verifier
42 #endif
43 		)
44      void      *ctx;
45      OM_uint32 *minor_status;
46      gss_ctx_id_t context_handle;
47      gss_buffer_t message_buffer;
48      gss_buffer_t token_buffer;
49      int *qop_state;
50 #ifdef	 _KERNEL
51 	OM_uint32 gssd_ctx_verifier;
52 #endif
53 {
54      krb5_context context;
55      OM_uint32	  status;
56 
57    /* Solaris Kerberos:  for MT safety, we avoid the use of a default
58     * context via kg_get_context() */
59 #if 0
60      if (GSS_ERROR(kg_get_context(minor_status, &context)))
61 	return(GSS_S_FAILURE);
62 #endif
63 
64      mutex_lock(&krb5_mutex);
65      context = ctx;
66 
67      status = kg_unseal(context, minor_status, context_handle,
68 		      token_buffer, message_buffer,
69 		      NULL, qop_state, KG_TOK_SIGN_MSG);
70      mutex_unlock(&krb5_mutex);
71      return(status);
72 }
73 
74 /* V2 interface */
75 OM_uint32
76 krb5_gss_verify_mic(ctx, minor_status, context_handle,
77 		    message_buffer, token_buffer,
78 		    qop_state)
79     void		*ctx;
80     OM_uint32		*minor_status;
81     gss_ctx_id_t	context_handle;
82     gss_buffer_t	message_buffer;
83     gss_buffer_t	token_buffer;
84     gss_qop_t		*qop_state;
85 {
86     krb5_context	context;
87     OM_uint32		rstat;
88     int			qstate;
89 
90    /* Solaris Kerberos:  for MT safety, we avoid the use of a default
91     * context via kg_get_context() */
92 #if 0
93     if (GSS_ERROR(kg_get_context(minor_status, &context)))
94        return(GSS_S_FAILURE);
95 #endif
96 
97     mutex_lock(&krb5_mutex);
98     context = ctx;
99 
100     rstat = kg_unseal(context, minor_status, context_handle,
101 		      token_buffer, message_buffer,
102 		      NULL, &qstate, KG_TOK_MIC_MSG);
103     if (!rstat && qop_state)
104 	*qop_state = (gss_qop_t) qstate;
105     mutex_unlock(&krb5_mutex);
106     return(rstat);
107 }
108