NAME
krb5_c_block_size,
krb5_c_decrypt,
krb5_c_encrypt,
krb5_c_encrypt_length,
krb5_c_enctype_compare,
krb5_c_get_checksum,
krb5_c_is_coll_proof_cksum,
krb5_c_is_keyed_cksum,
krb5_c_keylength,
krb5_c_make_checksum,
krb5_c_make_random_key,
krb5_c_set_checksum,
krb5_c_valid_cksumtype,
krb5_c_valid_enctype,
krb5_c_verify_checksum,
krb5_c_checksum_length —
Kerberos 5
crypto API
LIBRARY
Kerberos 5 Library (libkrb5, -lkrb5)
SYNOPSIS
#include <krb5/krb5.h>
krb5_error_code
krb5_c_block_size(
krb5_context context,
krb5_enctype enctype,
size_t
*blocksize);
krb5_error_code
krb5_c_decrypt(
krb5_context context,
const krb5_keyblock key,
krb5_keyusage
usage,
const krb5_data *ivec,
krb5_enc_data *input,
krb5_data
*output);
krb5_error_code
krb5_c_encrypt(
krb5_context context,
const krb5_keyblock *key,
krb5_keyusage
usage,
const krb5_data *ivec,
const krb5_data *input,
krb5_enc_data
*output);
krb5_error_code
krb5_c_encrypt_length(
krb5_context
context,
krb5_enctype enctype,
size_t inputlen,
size_t *length);
krb5_error_code
krb5_c_enctype_compare(
krb5_context
context,
krb5_enctype e1,
krb5_enctype e2,
krb5_boolean
*similar);
krb5_error_code
krb5_c_make_random_key(
krb5_context
context,
krb5_enctype enctype,
krb5_keyblock *random_key);
krb5_error_code
krb5_c_make_checksum(
krb5_context
context,
krb5_cksumtype cksumtype,
const krb5_keyblock *key,
krb5_keyusage
usage,
const krb5_data *input,
krb5_checksum *cksum);
krb5_error_code
krb5_c_verify_checksum(
krb5_context
context,
const krb5_keyblock *key,
krb5_keyusage usage,
const krb5_data
*data,
const krb5_checksum *cksum,
krb5_boolean *valid);
krb5_error_code
krb5_c_checksum_length(
krb5_context
context,
krb5_cksumtype cksumtype,
size_t *length);
krb5_error_code
krb5_c_get_checksum(
krb5_context
context,
const krb5_checksum *cksum,
krb5_cksumtype *type,
krb5_data
**data);
krb5_error_code
krb5_c_set_checksum(
krb5_context
context,
krb5_checksum *cksum,
krb5_cksumtype type,
const krb5_data
*data);
krb5_boolean
krb5_c_valid_enctype(
krb5_enctype,
etype");
krb5_boolean
krb5_c_valid_cksumtype(
krb5_cksumtype
ctype);
krb5_boolean
krb5_c_is_coll_proof_cksum(
krb5_cksumtype
ctype);
krb5_boolean
krb5_c_is_keyed_cksum(
krb5_cksumtype
ctype);
krb5_error_code
krb5_c_keylengths(
krb5_context context,
krb5_enctype enctype,
size_t
*inlength,
size_t *keylength);
DESCRIPTION
The functions starting with krb5_c are compat functions with MIT kerberos.
The
krb5_enc_data
structure holds and encrypted data.
There are two public accessible members of
krb5_enc_data
.
enctype
that
holds the encryption type of the data encrypted and
ciphertext
that is a
krb5_data
that might contain the encrypted data.
krb5_c_block_size() returns the blocksize of the encryption
type.
krb5_c_decrypt() decrypts
input and
store the data in
output. If
ivec
is
NULL
the default initialization vector for that
encryption type will be used.
krb5_c_encrypt() encrypts the plaintext in
input and store the ciphertext in
output.
krb5_c_encrypt_length() returns the length the encrypted data
given the plaintext length.
krb5_c_enctype_compare() compares to encryption types and
returns if they use compatible encryption key types.
krb5_c_make_checksum() creates a checksum
cksum with the checksum type
cksumtype of the data in
data.
key and
usage are used if the
checksum is a keyed checksum type. Returns 0 or an error code.
krb5_c_verify_checksum() verifies the checksum of
data in
cksum that was created
with
key using the key usage
usage.
verify is set to non-zero
if the checksum verifies correctly and zero if not. Returns 0 or an error
code.
krb5_c_checksum_length() returns the length of the checksum.
krb5_c_set_checksum() sets the
krb5_checksum
structure given
type and
data. The content of
cksum should be freeed with
krb5_c_free_checksum_contents().
krb5_c_get_checksum() retrieves the components of the
krb5_checksum
. structure.
data
should be free with
krb5_free_data(). If some either of
data or
checksum is not needed for
the application,
NULL
can be passed in.
krb5_c_valid_enctype() returns true if
etype is a valid encryption type.
krb5_c_valid_cksumtype() returns true if
ctype is a valid checksum type.
krb5_c_is_keyed_cksum() return true if
ctype is a keyed checksum type.
krb5_c_is_coll_proof_cksum() returns true if
ctype is a collision proof checksum type.
krb5_c_keylengths() return the minimum length
(
inlength) bytes needed to create a key and the length
(
keylength) of the resulting key for the
enctype.
SEE ALSO
krb5(3),
krb5_create_checksum(3),
krb5_free_data(3),
kerberos(8)