table of contents
| KRB5_C_MAKE_CHECKSUM(3) | Library Functions Manual | KRB5_C_MAKE_CHECKSUM(3) |
NAME¶
krb5_c_block_size,
krb5_c_decrypt,
krb5_c_encrypt,
krb5_c_encrypt_length,
krb5_c_enctype_compare,
krb5_c_get_checksum,
krb5_c_is_coll_proof_cksum,
krb5_c_is_keyed_cksum,
krb5_c_keylength,
krb5_c_make_checksum,
krb5_c_make_random_key,
krb5_c_set_checksum,
krb5_c_valid_cksumtype,
krb5_c_valid_enctype,
krb5_c_verify_checksum,
krb5_c_checksum_length —
Kerberos 5 crypto API
LIBRARY¶
Kerberos 5 Library (libkrb5, -lkrb5)
SYNOPSIS¶
#include
<krb5.h>
krb5_error_code
krb5_c_block_size(krb5_context
context, krb5_enctype enctype,
size_t *blocksize);
krb5_error_code
krb5_c_decrypt(krb5_context
context, const krb5_keyblock key,
krb5_keyusage usage, const krb5_data
*ivec, krb5_enc_data *input,
krb5_data *output);
krb5_error_code
krb5_c_encrypt(krb5_context
context, const krb5_keyblock *key,
krb5_keyusage usage, const krb5_data
*ivec, const krb5_data *input,
krb5_enc_data *output);
krb5_error_code
krb5_c_encrypt_length(krb5_context
context, krb5_enctype enctype,
size_t inputlen, size_t
*length);
krb5_error_code
krb5_c_enctype_compare(krb5_context
context, krb5_enctype e1,
krb5_enctype e2, krb5_boolean
*similar);
krb5_error_code
krb5_c_make_random_key(krb5_context
context, krb5_enctype enctype,
krb5_keyblock *random_key);
krb5_error_code
krb5_c_make_checksum(krb5_context
context, krb5_cksumtype cksumtype,
const krb5_keyblock *key,
krb5_keyusage usage, const krb5_data
*input, krb5_checksum *cksum);
krb5_error_code
krb5_c_verify_checksum(krb5_context
context, const krb5_keyblock *key,
krb5_keyusage usage, const krb5_data
*data, const krb5_checksum *cksum,
krb5_boolean *valid);
krb5_error_code
krb5_c_checksum_length(krb5_context
context, krb5_cksumtype cksumtype,
size_t *length);
krb5_error_code
krb5_c_get_checksum(krb5_context
context, const krb5_checksum *cksum,
krb5_cksumtype *type, krb5_data
**data);
krb5_error_code
krb5_c_set_checksum(krb5_context
context, krb5_checksum *cksum,
krb5_cksumtype type, const krb5_data
*data);
krb5_boolean
krb5_c_valid_enctype(krb5_enctype,
etype");
krb5_boolean
krb5_c_valid_cksumtype(krb5_cksumtype
ctype);
krb5_boolean
krb5_c_is_coll_proof_cksum(krb5_cksumtype
ctype);
krb5_boolean
krb5_c_is_keyed_cksum(krb5_cksumtype
ctype);
krb5_error_code
krb5_c_keylengths(krb5_context
context, krb5_enctype enctype,
size_t *inlength, size_t
*keylength);
DESCRIPTION¶
The functions starting with krb5_c are compat functions with MIT kerberos.
The krb5_enc_data structure holds and
encrypted data. There are two public accessible members of
krb5_enc_data. enctype that
holds the encryption type of the data encrypted and
ciphertext that is a krb5_data
that might contain the encrypted data.
krb5_c_block_size()
returns the blocksize of the encryption type.
krb5_c_decrypt()
decrypts input and store the data in
output. If ivec is
NULL the default initialization vector for that
encryption type will be used.
krb5_c_encrypt()
encrypts the plaintext in input and store the
ciphertext in output.
krb5_c_encrypt_length()
returns the length the encrypted data given the plaintext length.
krb5_c_enctype_compare()
compares to encryption types and returns if they use compatible encryption
key types.
krb5_c_make_checksum()
creates a checksum cksum with the checksum type
cksumtype of the data in data.
key and usage are used if the
checksum is a keyed checksum type. Returns 0 or an error code.
krb5_c_verify_checksum()
verifies the checksum of data in
cksum that was created with key
using the key usage usage.
verify is set to non-zero if the checksum verifies
correctly and zero if not. Returns 0 or an error code.
krb5_c_checksum_length()
returns the length of the checksum.
krb5_c_set_checksum()
sets the krb5_checksum structure given
type and data. The content of
cksum should be freeed with
krb5_c_free_checksum_contents().
krb5_c_get_checksum()
retrieves the components of the krb5_checksum.
structure. data should be free with
krb5_free_data().
If some either of data or
checksum is not needed for the application,
NULL can be passed in.
krb5_c_valid_enctype()
returns true if etype is a valid encryption type.
krb5_c_valid_cksumtype()
returns true if ctype is a valid checksum type.
krb5_c_is_keyed_cksum()
return true if ctype is a keyed checksum type.
krb5_c_is_coll_proof_cksum()
returns true if ctype is a collision proof checksum
type.
krb5_c_keylengths()
return the minimum length (inlength) bytes needed to
create a key and the length (keylength) of the
resulting key for the enctype.
SEE ALSO¶
krb5(3), krb5_create_checksum(3), krb5_free_data(3), kerberos(8)
| November 17, 2006 | HEIMDAL |