Scroll to navigation

KRB5_C_MAKE_CHECKSUM(3) Library Functions Manual KRB5_C_MAKE_CHECKSUM(3)


krb5_c_block_size, krb5_c_decrypt, krb5_c_encrypt, krb5_c_encrypt_length, krb5_c_enctype_compare, krb5_c_get_checksum, krb5_c_is_coll_proof_cksum, krb5_c_is_keyed_cksum, krb5_c_keylength, krb5_c_make_checksum, krb5_c_make_random_key, krb5_c_set_checksum, krb5_c_valid_cksumtype, krb5_c_valid_enctype, krb5_c_verify_checksum, krb5_c_checksum_lengthKerberos 5 crypto API


Kerberos 5 Library (libkrb5, -lkrb5)


#include <krb5.h>

krb5_c_block_size(krb5_context context, krb5_enctype enctype, size_t *blocksize);

krb5_c_decrypt(krb5_context context, const krb5_keyblock key, krb5_keyusage usage, const krb5_data *ivec, krb5_enc_data *input, krb5_data *output);

krb5_c_encrypt(krb5_context context, const krb5_keyblock *key, krb5_keyusage usage, const krb5_data *ivec, const krb5_data *input, krb5_enc_data *output);

krb5_c_encrypt_length(krb5_context context, krb5_enctype enctype, size_t inputlen, size_t *length);

krb5_c_enctype_compare(krb5_context context, krb5_enctype e1, krb5_enctype e2, krb5_boolean *similar);

krb5_c_make_random_key(krb5_context context, krb5_enctype enctype, krb5_keyblock *random_key);

krb5_c_make_checksum(krb5_context context, krb5_cksumtype cksumtype, const krb5_keyblock *key, krb5_keyusage usage, const krb5_data *input, krb5_checksum *cksum);

krb5_c_verify_checksum(krb5_context context, const krb5_keyblock *key, krb5_keyusage usage, const krb5_data *data, const krb5_checksum *cksum, krb5_boolean *valid);

krb5_c_checksum_length(krb5_context context, krb5_cksumtype cksumtype, size_t *length);

krb5_c_get_checksum(krb5_context context, const krb5_checksum *cksum, krb5_cksumtype *type, krb5_data **data);

krb5_c_set_checksum(krb5_context context, krb5_checksum *cksum, krb5_cksumtype type, const krb5_data *data);

krb5_c_valid_enctype(krb5_enctype, etype");

krb5_c_valid_cksumtype(krb5_cksumtype ctype);

krb5_c_is_coll_proof_cksum(krb5_cksumtype ctype);

krb5_c_is_keyed_cksum(krb5_cksumtype ctype);

krb5_c_keylengths(krb5_context context, krb5_enctype enctype, size_t *inlength, size_t *keylength);


The functions starting with krb5_c are compat functions with MIT kerberos.

The krb5_enc_data structure holds and encrypted data. There are two public accessible members of krb5_enc_data. enctype that holds the encryption type of the data encrypted and ciphertext that is a krb5_data that might contain the encrypted data.

() returns the blocksize of the encryption type.

() decrypts input and store the data in output. If ivec is NULL the default initialization vector for that encryption type will be used.

() encrypts the plaintext in input and store the ciphertext in output.

() returns the length the encrypted data given the plaintext length.

() compares to encryption types and returns if they use compatible encryption key types.

() creates a checksum cksum with the checksum type cksumtype of the data in data. key and usage are used if the checksum is a keyed checksum type. Returns 0 or an error code.

() verifies the checksum of data in cksum that was created with key using the key usage usage. verify is set to non-zero if the checksum verifies correctly and zero if not. Returns 0 or an error code.

() returns the length of the checksum.

() sets the krb5_checksum structure given type and data. The content of cksum should be freeed with ().

() retrieves the components of the krb5_checksum. structure. data should be free with (). If some either of data or checksum is not needed for the application, NULL can be passed in.

() returns true if etype is a valid encryption type.

() returns true if ctype is a valid checksum type.

() return true if ctype is a keyed checksum type.

() returns true if ctype is a collision proof checksum type.

() return the minimum length (inlength) bytes needed to create a key and the length (keylength) of the resulting key for the enctype.


krb5(3), krb5_create_checksum(3), krb5_free_data(3), kerberos(8)

November 17, 2006 HEIMDAL