diff options
Diffstat (limited to 'crypto/heimdal/lib/krb5/krb5_keyblock.3')
-rw-r--r-- | crypto/heimdal/lib/krb5/krb5_keyblock.3 | 218 |
1 files changed, 218 insertions, 0 deletions
diff --git a/crypto/heimdal/lib/krb5/krb5_keyblock.3 b/crypto/heimdal/lib/krb5/krb5_keyblock.3 new file mode 100644 index 0000000..9fabd32 --- /dev/null +++ b/crypto/heimdal/lib/krb5/krb5_keyblock.3 @@ -0,0 +1,218 @@ +.\" Copyright (c) 2003 - 2004 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id: krb5_keyblock.3 17385 2006-05-01 08:48:55Z lha $ +.\" +.Dd May 1, 2006 +.Dt KRB5_KEYBLOCK 3 +.Os HEIMDAL +.Sh NAME +.Nm krb5_keyblock , +.Nm krb5_keyblock_get_enctype , +.Nm krb5_copy_keyblock , +.Nm krb5_copy_keyblock_contents , +.Nm krb5_free_keyblock , +.Nm krb5_free_keyblock_contents , +.Nm krb5_generate_random_keyblock , +.Nm krb5_generate_subkey , +.Nm krb5_generate_subkey_extended , +.Nm krb5_keyblock_init , +.Nm krb5_keyblock_zero , +.Nm krb5_random_to_key +.Nd Kerberos 5 key handling functions +.Sh LIBRARY +Kerberos 5 Library (libkrb5, -lkrb5) +.Sh SYNOPSIS +.In krb5.h +.Pp +.Li krb5_keyblock ; +.Ft krb5_enctype +.Fo krb5_keyblock_get_enctype +.Fa "const krb5_keyblock *block" +.Fc +.Ft krb5_error_code +.Fo krb5_copy_keyblock +.Fa "krb5_context context" +.Fa "krb5_keyblock **to" +.Fc +.Ft krb5_error_code +.Fo krb5_copy_keyblock_contents +.Fa "krb5_context context" +.Fa "const krb5_keyblock *inblock" +.Fa "krb5_keyblock *to" +.Fc +.Ft void +.Fo krb5_free_keyblock +.Fa "krb5_context context" +.Fa "krb5_keyblock *keyblock" +.Fc +.Ft void +.Fo krb5_free_keyblock_contents +.Fa "krb5_context context" +.Fa "krb5_keyblock *keyblock" +.Fc +.Ft krb5_error_code +.Fo krb5_generate_random_keyblock +.Fa "krb5_context context" +.Fa "krb5_enctype type" +.Fa "krb5_keyblock *key" +.Fc +.Ft krb5_error_code +.Fo krb5_generate_subkey +.Fa "krb5_context context" +.Fa "const krb5_keyblock *key" +.Fa "krb5_keyblock **subkey" +.Fc +.Ft krb5_error_code +.Fo krb5_generate_subkey_extended +.Fa "krb5_context context" +.Fa "const krb5_keyblock *key" +.Fa "krb5_enctype enctype" +.Fa "krb5_keyblock **subkey" +.Fc +.Ft krb5_error_code +.Fo krb5_keyblock_init +.Fa "krb5_context context" +.Fa "krb5_enctype type" +.Fa "const void *data" +.Fa "size_t size" +.Fa "krb5_keyblock *key" +.Fc +.Ft void +.Fo krb5_keyblock_zero +.Fa "krb5_keyblock *keyblock" +.Fc +.Ft krb5_error_code +.Fo krb5_random_to_key +.Fa "krb5_context context" +.Fa "krb5_enctype type" +.Fa "const void *data" +.Fa "size_t size" +.Fa "krb5_keyblock *key" +.Fc +.Sh DESCRIPTION +.Li krb5_keyblock +holds the encryption key for a specific encryption type. +There is no component inside +.Li krb5_keyblock +that is directly referable. +.Pp +.Fn krb5_keyblock_get_enctype +returns the encryption type of the keyblock. +.Pp +.Fn krb5_copy_keyblock +makes a copy the keyblock +.Fa inblock +to the +output +.Fa out . +.Fa out +should be freed by the caller with +.Fa krb5_free_keyblock . +.Pp +.Fn krb5_copy_keyblock_contents +copies the contents of +.Fa inblock +to the +.Fa to +keyblock. +The destination keyblock is overritten. +.Pp +.Fn krb5_free_keyblock +zeros out and frees the content and the keyblock itself. +.Pp +.Fn krb5_free_keyblock_contents +zeros out and frees the content of the keyblock. +.Pp +.Fn krb5_generate_random_keyblock +creates a new content of the keyblock +.Fa key +of type encrytion type +.Fa type . +The content of +.Fa key +is overwritten and not freed, so the caller should be sure it is +freed before calling the function. +.Pp +.Fn krb5_generate_subkey +generates a +.Fa subkey +of the same type as +.Fa key . +The caller must free the subkey with +.Fa krb5_free_keyblock . +.Pp +.Fn krb5_generate_subkey_extended +generates a +.Fa subkey +of the specified encryption type +.Fa type . +If +.Fa type +is +.Dv ETYPE_NULL , +of the same type as +.Fa key . +The caller must free the subkey with +.Fa krb5_free_keyblock . +.Pp +.Fn krb5_keyblock_init +Fill in +.Fa key +with key data of type +.Fa enctype +from +.Fa data +of length +.Fa size . +Key should be freed using +.Fn krb5_free_keyblock_contents . +.Pp +.Fn krb5_keyblock_zero +zeros out the keyblock to to make sure no keymaterial is in +memory. +Note that +.Fn krb5_free_keyblock_contents +also zeros out the memory. +.Pp +.Fn krb5_random_to_key +converts the random bytestring to a protocol key according to Kerberos +crypto frame work. +It the resulting key will be of type +.Fa enctype . +It may be assumed that all the bits of the input string are equally +random, even though the entropy present in the random source may be +limited +.\" .Sh EXAMPLES +.Sh SEE ALSO +.Xr krb5_crypto_init 3 , +.Xr krb5 3 , +.Xr krb5.conf 5 |