Scroll to navigation

KRB5_STRING_TO_KEY(3) Library Functions Manual KRB5_STRING_TO_KEY(3)

NAME

krb5_string_to_key, krb5_string_to_key_data, krb5_string_to_key_data_salt, krb5_string_to_key_data_salt_opaque, krb5_string_to_key_salt, krb5_string_to_key_salt_opaque, krb5_get_pw_salt, krb5_free_salt
turns a string to a Kerberos key

LIBRARY

Kerberos 5 Library (libkrb5, -lkrb5)

SYNOPSIS

#include <krb5.h>

krb5_error_code
krb5_string_to_key(krb5_context context, krb5_enctype enctype, const char *password, krb5_principal principal, krb5_keyblock *key);

krb5_error_code
krb5_string_to_key_data(krb5_context context, krb5_enctype enctype, krb5_data password, krb5_principal principal, krb5_keyblock *key);

krb5_error_code
krb5_string_to_key_data_salt(krb5_context context, krb5_enctype enctype, krb5_data password, krb5_salt salt, krb5_keyblock *key);

krb5_error_code
krb5_string_to_key_data_salt_opaque(krb5_context context, krb5_enctype enctype, krb5_data password, krb5_salt salt, krb5_data opaque, krb5_keyblock *key);

krb5_error_code
krb5_string_to_key_salt(krb5_context context, krb5_enctype enctype, const char *password, krb5_salt salt, krb5_keyblock *key);

krb5_error_code
krb5_string_to_key_salt_opaque(krb5_context context, krb5_enctype enctype, const char *password, krb5_salt salt, krb5_data opaque, krb5_keyblock *key);

krb5_error_code
krb5_get_pw_salt(krb5_context context, krb5_const_principal principal, krb5_salt *salt);

krb5_error_code
krb5_free_salt(krb5_context context, krb5_salt salt);

DESCRIPTION

The string to key functions convert a string to a kerberos key.

krb5_string_to_key_data_salt_opaque() is the function that does all the work, the rest of the functions are just wrappers around krb5_string_to_key_data_salt_opaque() that calls it with default values.

krb5_string_to_key_data_salt_opaque() transforms the password with the given salt-string salt and the opaque, encryption type specific parameter opaque to a encryption key key according to the string to key function associated with enctype.

The key should be freed with krb5_free_keyblock_contents().

If one of the functions that doesn't take a krb5_salt as it argument krb5_get_pw_salt() is used to get the salt value.

krb5_get_pw_salt() get the default password salt for a principal, use krb5_free_salt() to free the salt when done.

krb5_free_salt() frees the content of salt.

SEE ALSO

krb5(3), krb5_data(3), krb5_keyblock(3), kerberos(8)
July 10, 2006 HEIMDAL