man krb5_copy_keyblock_contents (Fonctions bibliothèques) - krb5_keyblock ,

NAME

krb5_keyblock ,krb5_keyblock_get_enctype ,krb5_copy_keyblock ,krb5_copy_keyblock_contents ,krb5_free_keyblock ,krb5_free_keyblock_contents ,krb5_generate_random_keyblock ,krb5_generate_subkey ,krb5_generate_subkey_extended ,krb5_keyblock_init ,krb5_keyblock_zero ,krb5_random_to_key - Kerberos 5 key handling functions.

LIBRARY

Kerberos 5 Library (libkrb5, -lkrb5)

SYNOPSIS

krb5_keyblock ; const krb5_keyblock *block krb5_context context krb5_keyblock **to krb5_context context const krb5_keyblock *inblock krb5_keyblock *to krb5_context context krb5_keyblock *keyblock krb5_context context krb5_keyblock *keyblock krb5_context context krb5_enctype type krb5_keyblock *key krb5_context context const krb5_keyblock *key krb5_keyblock **subkey krb5_context context const krb5_keyblock *key krb5_enctype enctype krb5_keyblock **subkey krb5_context context krb5_enctype type const void *data size_t size krb5_keyblock *key krb5_keyblock *keyblock krb5_context context krb5_enctype type const void *data size_t size krb5_keyblock *key

DESCRIPTION

krb5_keyblock

holds the encryption key for a specific encryption type. There is no component inside krb5_keyblock that is directly referable.

krb5_keyblock_get_enctype returns the encryption type of the keyblock.

krb5_copy_keyblock makes a copy the keyblock inblock to the output out . out should be freed by the caller with krb5_free_keyblock .

krb5_copy_keyblock_contents copies the contents of inblock to the to keyblock. The destination keyblock is overritten.

krb5_free_keyblock zeros out and frees the content and the keyblock itself.

krb5_free_keyblock_contents zeros out and frees the content of the keyblock.

krb5_generate_random_keyblock creates a new content of the keyblock key of type encrytion type type . The content of key is overwritten and not freed, so the caller should be sure it is freed before calling the function.

krb5_generate_subkey generates a subkey of the same type as key . The caller must free the subkey with krb5_free_keyblock .

krb5_generate_subkey_extended generates a subkey of the specified encryption type type . If type is ETYPE_NULL , of the same type as key . The caller must free the subkey with krb5_free_keyblock .

krb5_keyblock_init Fill in key with key data of type enctype from data of length size . Key should be freed using krb5_free_keyblock_contents .

krb5_keyblock_zero zeros out the keyblock to to make sure no keymaterial is in memory. Note that krb5_free_keyblock_contents also zeros out the memory.

krb5_random_to_key converts the random bytestring to a protocol key according to Kerberos crypto frame work. It the resulting key will be of type enctype . It may be assumed that all the bits of the input string are equally random, even though the entropy present in the random source may be limited

SEE ALSO

krb5_crypto_init(3) ,krb5(3) ,krb5.conf()