krb5_keyblock;
krb5_enctype
krb5_keyblock_get_enctype(
const krb5_keyblock *block
)
krb5_error_code
krb5_copy_keyblock(
krb5_context context
krb5_keyblock **to
)
krb5_error_code
krb5_copy_keyblock_contents(
krb5_context context
const krb5_keyblock *inblock
krb5_keyblock *to
)
void
krb5_free_keyblock(
krb5_context context
krb5_keyblock *keyblock
)
void
krb5_free_keyblock_contents(
krb5_context context
krb5_keyblock *keyblock
)
krb5_error_code
krb5_generate_random_keyblock(
krb5_context context
krb5_enctype type
krb5_keyblock *key
)
krb5_error_code
krb5_generate_subkey(
krb5_context context
const krb5_keyblock *key
krb5_keyblock **subkey
)
krb5_error_code
krb5_generate_subkey_extended(
krb5_context context
const krb5_keyblock *key
krb5_enctype enctype
krb5_keyblock **subkey
)
krb5_error_code
krb5_keyblock_init(
krb5_context context
krb5_enctype type
const void *data
size_t size
krb5_keyblock *key
)
void
krb5_keyblock_zero(
krb5_keyblock *keyblock
)
krb5_error_code
krb5_random_to_key(
krb5_context context
krb5_enctype type
const void *data
size_t size
krb5_keyblock *key
)
krb5_keyblock
holds the encryption key for a specific encryption type.
There is no component inside
krb5_keyblock
that is directly referable.
krb5_keyblock_get_enctype()
returns the encryption type of the keyblock.
krb5_copy_keyblock()
makes a copy the keyblock
inblock
to the
output
out.
out
should be freed by the caller with
krb5_free_keyblock.
krb5_copy_keyblock_contents()
copies the contents of
inblock
to the
to
keyblock.
The destination keyblock is overritten.
krb5_free_keyblock()
zeros out and frees the content and the keyblock itself.
krb5_free_keyblock_contents()
zeros out and frees the content of the keyblock.
krb5_generate_random_keyblock()
creates a new content of the keyblock
key
of type encrytion type
type.
The content of
key
is overwritten and not freed, so the caller should be sure it is
freed before calling the function.
krb5_generate_subkey()
generates a
subkey
of the same type as
key.
The caller must free the subkey with
krb5_free_keyblock.
krb5_generate_subkey_extended()
generates a
subkey
of the specified encryption type
type.
If
type
is
ETYPE_NULL,
of the same type as
key.
The caller must free the subkey with
krb5_free_keyblock.
krb5_keyblock_init()
Fill in
key
with key data of type
enctype
from
data
of length
size.
Key should be freed using
krb5_free_keyblock_contents().
krb5_keyblock_zero()
zeros out the keyblock to to make sure no keymaterial is in
memory.
Note that
krb5_free_keyblock_contents()
also zeros out the memory.
krb5_random_to_key()
converts the random bytestring to a protocol key according to Kerberos
crypto frame work.
It the resulting key will be of type
enctype.
It may be assumed that all the bits of the input string are equally
random, even though the entropy present in the random source may be
limited