Move some krb5 keys related functions from ipa-client to util

1 files changed, 36 insertions, 0 deletions

diff --git a/util/ipa_krb5.h b/util/ipa_krb5.h
index f0513d109..97ffc47b5 100644
--- a/util/ipa_krb5.h
+++ b/util/ipa_krb5.h
@@ -4,6 +4,30 @@
 #include <krb5/krb5.h>
 #include <kdb.h>
 
+struct krb_key_salt {
+    krb5_enctype enctype;
+    krb5_int32 salttype;
+    krb5_keyblock key;
+    krb5_data salt;
+};
+
+struct keys_container {
+    krb5_int32 nkeys;
+    struct krb_key_salt *ksdata;
+};
+
+/* Salt types */
+#define NO_SALT                        -1
+#define KRB5_KDB_SALTTYPE_NORMAL        0
+#define KRB5_KDB_SALTTYPE_V4            1
+#define KRB5_KDB_SALTTYPE_NOREALM       2
+#define KRB5_KDB_SALTTYPE_ONLYREALM     3
+#define KRB5_KDB_SALTTYPE_SPECIAL       4
+#define KRB5_KDB_SALTTYPE_AFS3          5
+
+#define KEYTAB_SET_OID "2.16.840.1.113730.3.8.10.1"
+#define KEYTAB_RET_OID "2.16.840.1.113730.3.8.10.2"
+
 void
 ipa_krb5_free_ktypes(krb5_context context, krb5_enctype *val);
 
@@ -36,4 +60,16 @@ krb5_error_code filter_key_salt_tuples(krb5_context context,
                                        krb5_key_salt_tuple *req, int n_req,
                                        krb5_key_salt_tuple *supp, int n_supp,
                                        krb5_key_salt_tuple **res, int *n_res);
+
+void free_keys_contents(krb5_context krbctx, struct keys_container *keys);
+
+struct berval *create_key_control(struct keys_container *keys,
+                                  const char *principalName);
+
+int create_keys(krb5_context krbctx,
+                krb5_principal princ,
+                char *password,
+                const char *enctypes_string,
+                struct keys_container *keys,
+                char **err_msg);
 #endif /* __IPA_KRB5_H_ */