diff options
author | John Kohl <jtkohl@mit.edu> | 1990-05-30 19:16:12 +0000 |
---|---|---|
committer | John Kohl <jtkohl@mit.edu> | 1990-05-30 19:16:12 +0000 |
commit | 6df379c29d553a1e73037b24d92912f9280305a5 (patch) | |
tree | 629c5a95755044cbe7174f9eeb7aec0ef0a93320 /doc/api | |
parent | ece130e23c695656b8bb2e993dbd4f486a953b0e (diff) | |
download | krb5-6df379c29d553a1e73037b24d92912f9280305a5.tar.gz krb5-6df379c29d553a1e73037b24d92912f9280305a5.tar.xz krb5-6df379c29d553a1e73037b24d92912f9280305a5.zip |
*** empty log message ***
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@970 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'doc/api')
-rw-r--r-- | doc/api/ccache.tex | 5 | ||||
-rw-r--r-- | doc/api/functions.sty | 44 | ||||
-rw-r--r-- | doc/api/keytab.tex | 3 | ||||
-rw-r--r-- | doc/api/krb5.tex | 43 | ||||
-rw-r--r-- | doc/api/libdes.tex | 38 | ||||
-rw-r--r-- | doc/api/libos.tex | 2 | ||||
-rw-r--r-- | doc/api/library.tex | 48 | ||||
-rw-r--r-- | doc/api/rcache.tex | 4 |
8 files changed, 187 insertions, 0 deletions
diff --git a/doc/api/ccache.tex b/doc/api/ccache.tex new file mode 100644 index 0000000000..33addc51d8 --- /dev/null +++ b/doc/api/ccache.tex @@ -0,0 +1,5 @@ +The credentials cache functions (some of which are macros which call to +specific types of credentials caches) deal with storing credentials +(tickets, session keys, and other identifying information) in a +semi-permanent store for later use by different programs. + diff --git a/doc/api/functions.sty b/doc/api/functions.sty new file mode 100644 index 0000000000..c30c730b29 --- /dev/null +++ b/doc/api/functions.sty @@ -0,0 +1,44 @@ +% +% definitions related to function declarations/displays +% +\ifx\undefined\@psfonts +\def\argfont{\tt} +\else +\font\argfont = c-bol +\hyphenchar\argfont = -1 +\fi +\newcount\argc@ount +% funcdecl is used as \begin{funcdecl}[funcname]{return type}{firstline} +\def\funcdecl{\makeunderletter\@moreindex} +% +% this isn't quite right; we need to have \@morefuncdecl{#1} get #1 +% expanded and then re-scanned by TeX to reassign catcodes to _'s in it. +% +\def\@moreindex[#1]{\index{#1}\makeunderactive\@morefuncdecl{#1}} +\def\@morefuncdecl#1#2#3{\argc@ount=0\begin{tabbing} +#2 \\ +{\bf #1}(\= \+ #3%\doindex% +} +\def\endfuncdecl{) +\end{tabbing} +} +\newcommand{\docomm@}{\ifnum\argc@ount >0, \\\fi} +\newcommand{\funcvoid}{} +\newcommand{\funcin}{\docomm@\argc@ount=0{\it /* IN */}\\} +\newcommand{\funcinout}{\docomm@\argc@ount=0{\it /* INOUT */}\\} +\newcommand{\funcout}{\docomm@\argc@ount=0{\it /* OUT */}\\} +\newcommand{\funcarg}[2]{\docomm@#1 {\argfont #2}\advance\argc@ount by1} +\newcommand{\funcparam}[1]{{\argfont #1}} +\newcommand{\funcname}[1]{{\bf #1}()} +\newcommand{\libname}[1]{{\argfont #1}} +\newcommand{\ptsto}{->\discretionary{}{}{}} +\newcommand{\datatype}[1]{{\bf #1}} + + + + + + + + + diff --git a/doc/api/keytab.tex b/doc/api/keytab.tex new file mode 100644 index 0000000000..cf68d2ba34 --- /dev/null +++ b/doc/api/keytab.tex @@ -0,0 +1,3 @@ +The key table functions deal with storing and retrieving service keys +for use by unattended services which participate in authentication exchanges. + diff --git a/doc/api/krb5.tex b/doc/api/krb5.tex new file mode 100644 index 0000000000..51dbe3504b --- /dev/null +++ b/doc/api/krb5.tex @@ -0,0 +1,43 @@ +The main functions deal with the nitty-gritty details: verifying +tickets, creating authenticators, and the like. + +\begin{funcdecl}[krb5_encode_kdc_rep]{krb5_error_code}{\funcin} +\funcarg{krb5_msgtype}{type} +\funcarg{krb5_enc_kdc_rep_part *}{encpart} +\funcarg{krb5_keyblock *}{client_key} +\funcinout +\funcarg{krb5_kdc_rep *}{dec_rep} +\funcout +\funcarg{krb5_data *}{enc_rep} +\end{funcdecl} + +Takes KDC rep parts in \funcparam{*rep} and \funcparam{*encpart}, and +formats it into \funcparam{*enc_rep}, using message type \funcparam{type} +and encryption key \funcparam{client_key} and encryption type +\funcparam{dec_rep{\ptsto}etype}. + +\funcparam{enc_rep{\ptsto}data} will point to allocated storage upon +non-error return; the caller should free it when finished. + +Returns system errors. + +\begin{funcdecl}[krb5_decode_kdc_rep]{krb5_error_code}{\funcin} +\funcarg{krb5_data *}{enc_rep} +\funcarg{krb5_keyblock *}{key} +\funcarg{krb5_enctype}{etype} +\funcout +\funcarg{krb5_kdc_rep **}{dec_rep} +\end{funcdecl} + +Takes a KDC_REP message and decrypts encrypted part using +\funcparam{etype} and \funcparam{*key}, putting result in \funcparam{*rep}. +The pointers in \funcparam{dec_rep} +are all set to allocated storage which should be freed by the caller +when finished with the response (by using \funcname{krb5_free_kdc_rep}). + + +If the response isn't a KDC_REP (tgs or as), it returns an error from +the decoding routines (usually ISODE_50_LOCAL_ERR_BADDECODE). + +Returns errors from encryption routines, system errors. + diff --git a/doc/api/libdes.tex b/doc/api/libdes.tex new file mode 100644 index 0000000000..d72482e911 --- /dev/null +++ b/doc/api/libdes.tex @@ -0,0 +1,38 @@ +\documentstyle[newcen,fixunder,functions,twoside]{article} +\setlength{\oddsidemargin}{0.25in} +\setlength{\evensidemargin}{-0.25in} +\setlength{\topmargin}{-.5in} +\setlength{\textheight}{9in} +\setlength{\parskip}{.1in} +\setlength{\parindent}{2em} +\setlength{\textwidth}{6.25in} + +\pagestyle{headings} +\begin{document} +\begin{center} +{\Huge Kerberos V5 Data Encryption Standard library} \\ +{\Large DRAFT} +\end{center} +\section{DES functions} +The DES functions conform to the encryption interface required by the +Kerberos version 5 library, and provide an encryption mechanism based on +the DES Cipher-block chaining mode (CBC), with the addition of a +cyclical redundancy check (CRC-32) for integrity checking upon +decryption. + +The functions have the same signatures as those described by the main +library document; the names are: +{\obeylines +\funcname{mit_des_encrypt_func} +\funcname{mit_des_decrypt_func} +\funcname{mit_des_process_key} +\funcname{mit_des_finish_key} +\funcname{mit_des_string_to_key} +\funcname{mit_des_init_random_key} +\funcname{mit_des_finish_random_key} +\funcname{mit_des_random_key} +} +The \datatype{krb5_cryptosystem_entry} for this cryptosystem is +\libname{mit_des_cryptosystem_entry}. + +\end{document} diff --git a/doc/api/libos.tex b/doc/api/libos.tex new file mode 100644 index 0000000000..81d40fbbf8 --- /dev/null +++ b/doc/api/libos.tex @@ -0,0 +1,2 @@ +The operating-system specific functions provide an interface between the +other parts of the {\tt libkrb5.a} libraries and the operating system. diff --git a/doc/api/library.tex b/doc/api/library.tex new file mode 100644 index 0000000000..4001d99137 --- /dev/null +++ b/doc/api/library.tex @@ -0,0 +1,48 @@ +\documentstyle[newcen,fixunder,functions,twoside]{article} +\setlength{\oddsidemargin}{0.25in} +\setlength{\evensidemargin}{-0.25in} +\setlength{\topmargin}{-.5in} +\setlength{\textheight}{9in} +\setlength{\parskip}{.1in} +\setlength{\parindent}{2em} +\setlength{\textwidth}{6.25in} +\makeindex +\pagestyle{headings} +\begin{document} +\begin{center} +{\Huge Kerberos V5 application programming library} \\ +{\Large DRAFT} +\end{center} +\section{libkrb5.a functions} +This section describes the functions provided in the {\tt libkrb5.a} +library. The library is built from several pieces, mostly for convenience in +programming, maintenance, and porting. +\subsection{Main functions} +\input{krb5.tex} + +\subsection{Credentials cache functions} +\input{ccache.tex} + +\subsection{Replay cache functions} +\input{rcache.tex} + +\subsection{Key table functions} +\input{keytab.tex} + +\subsection{Operating-system specific functions} +\input{libos.tex} + +\section{CRC-32 checksum functions} +\input{crc-32.tex} + +\section{Principal database functions} + +\input{kdb.tex} + +\section{Encryption system interface} +\input{encrypt.tex} + +\appendix +\cleardoublepage +\input{\jobname.ind} +\end{document} diff --git a/doc/api/rcache.tex b/doc/api/rcache.tex new file mode 100644 index 0000000000..06cf1d98c3 --- /dev/null +++ b/doc/api/rcache.tex @@ -0,0 +1,4 @@ +The replay cache functions deal with verifying that AP_REQ's do not +contain duplicate authenticators; the storage must be non-volatile for +the site-determined validity period of authenticators. + |