/*
- * Copyright (c) 2010, JANET(UK)
+ * Copyright (c) 2011, JANET(UK)
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* SUCH DAMAGE.
*/
+/*
+ * Message protection services: verify a message integrity check.
+ */
+
#include "gssapiP_eap.h"
OM_uint32
gss_buffer_t message_token,
gss_qop_t *qop_state)
{
- gss_iov_buffer_desc iov[2];
+ OM_uint32 major;
+ gss_iov_buffer_desc iov[3];
int conf_state;
+ if (message_token->length < 16) {
+ *minor = GSSEAP_TOK_TRUNC;
+ return GSS_S_BAD_SIG;
+ }
+
+ *minor = 0;
+
iov[0].type = GSS_IOV_BUFFER_TYPE_DATA;
iov[0].buffer = *message_buffer;
iov[1].type = GSS_IOV_BUFFER_TYPE_HEADER;
- iov[1].buffer = *message_token;
+ iov[1].buffer.length = 16;
+ iov[1].buffer.value = message_token->value;
+
+ iov[2].type = GSS_IOV_BUFFER_TYPE_TRAILER;
+ iov[2].buffer.length = message_token->length - 16;
+ iov[2].buffer.value = (unsigned char *)message_token->value + 16;
+
+ GSSEAP_MUTEX_LOCK(&ctx->mutex);
+
+ major = gssEapUnwrapOrVerifyMIC(minor, ctx, &conf_state, qop_state,
+ iov, 3, TOK_TYPE_MIC);
+
+ GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
- return gssEapUnwrapOrVerifyMIC(minor, ctx, &conf_state, qop_state,
- iov, 2, TOK_TYPE_MIC);
+ return major;
}