krb5_keyblock
;
krb5_enctype
krb5_keyblock_get_enctype(
const krb5_keyblock *block
)
krb5_error_code
krb5_copy_keyblock(
krb5_context context
krb5_keyblock **to
)
krb5_error_code
krb5_copy_keyblock_contents(
krb5_context context
const krb5_keyblock *inblock
krb5_keyblock *to
)
void
krb5_free_keyblock(
krb5_context context
krb5_keyblock *keyblock
)
void
krb5_free_keyblock_contents(
krb5_context context
krb5_keyblock *keyblock
)
krb5_error_code
krb5_generate_random_keyblock(
krb5_context context
krb5_enctype type
krb5_keyblock *key
)
krb5_error_code
krb5_generate_subkey(
krb5_context context
const krb5_keyblock *key
krb5_keyblock **subkey
)
krb5_error_code
krb5_generate_subkey_extended(
krb5_context context
const krb5_keyblock *key
krb5_enctype enctype
krb5_keyblock **subkey
)
krb5_error_code
krb5_keyblock_init(
krb5_context context
krb5_enctype type
const void *data
size_t size
krb5_keyblock *key
)
void
krb5_keyblock_zero(
krb5_keyblock *keyblock
)
krb5_error_code
krb5_random_to_key(
krb5_context context
krb5_enctype type
const void *data
size_t size
krb5_keyblock *key
)
krb5_keyblock
holds the encryption key for a specific encryption type.
There is no component inside
krb5_keyblock
that is directly referable.
krb5_keyblock_get_enctype()
returns the encryption type of the keyblock.
krb5_copy_keyblock()
makes a copy the keyblock
inblock
to the
output
out
.
out
should be freed by the caller with
krb5_free_keyblock
.
krb5_copy_keyblock_contents()
copies the contents of
inblock
to the
to
keyblock.
The destination keyblock is overritten.
krb5_free_keyblock()
zeros out and frees the content and the keyblock itself.
krb5_free_keyblock_contents()
zeros out and frees the content of the keyblock.
krb5_generate_random_keyblock()
creates a new content of the keyblock
key
of type encrytion type
type
.
The content of
key
is overwritten and not freed, so the caller should be sure it is
freed before calling the function.
krb5_generate_subkey()
generates a
subkey
of the same type as
key
.
The caller must free the subkey with
krb5_free_keyblock
.
krb5_generate_subkey_extended()
generates a
subkey
of the specified encryption type
type
.
If
type
is
ETYPE_NULL
,
of the same type as
key
.
The caller must free the subkey with
krb5_free_keyblock
.
krb5_keyblock_init()
Fill in
key
with key data of type
enctype
from
data
of length
size
.
Key should be freed using
krb5_free_keyblock_contents().
krb5_keyblock_zero()
zeros out the keyblock to to make sure no keymaterial is in
memory.
Note that
krb5_free_keyblock_contents(
)
also zeros out the memory.
krb5_random_to_key()
converts the random bytestring to a protocol key according to Kerberos
crypto frame work.
It the resulting key will be of type
enctype
.
It may be assumed that all the bits of the input string are equally
random, even though the entropy present in the random source may be
limited