diff options
| author | Barry Jaspan <bjaspan@mit.edu> | 1996-07-09 20:24:49 +0000 |
|---|---|---|
| committer | Barry Jaspan <bjaspan@mit.edu> | 1996-07-09 20:24:49 +0000 |
| commit | 196cc1e63ff9b8509411d0509af774cdcfcc5d09 (patch) | |
| tree | 564c20884979b7f5cb4ae40dd3391e3256aaeb63 /doc | |
| parent | 02dc3de4cb9553e45d29053b923b083d670db5fa (diff) | |
| download | krb5-196cc1e63ff9b8509411d0509af774cdcfcc5d09.tar.gz krb5-196cc1e63ff9b8509411d0509af774cdcfcc5d09.tar.xz krb5-196cc1e63ff9b8509411d0509af774cdcfcc5d09.zip | |
add kadm5_decrypt_key
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8612 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/kadm5/api-funcspec.tex | 37 |
1 files changed, 31 insertions, 6 deletions
diff --git a/doc/kadm5/api-funcspec.tex b/doc/kadm5/api-funcspec.tex index e00fa160b..679440382 100644 --- a/doc/kadm5/api-funcspec.tex +++ b/doc/kadm5/api-funcspec.tex @@ -860,6 +860,7 @@ chpass_principal & changepw\footnotemark[\thefootnote] & chpass_principal_util & changepw\footnotemark[\thefootnote] & Utility wrapper around chpass_principal. \\ randkey_principal & changepw\footnotemark[\thefootnote] & Randomize a principal's key. \\ +decrypt_key & none & Decrypt a principal key. \\ create_policy & add & Create a new policy. \\ delete_policy & delete & Delete a policy. \\ modify_policy & modify & Modify the attributes of a policy. \\ @@ -925,12 +926,12 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass, void **server_handle) kadm5_ret_t kadm5_init_with_creds(char *client_name, - krb5_ccache ccache, - char *service_name, - kadm5_config_params *params, - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - void **server_handle) + krb5_ccache ccache, + char *service_name, + kadm5_config_params *params, + krb5_ui_4 struct_version, + krb5_ui_4 api_version, + void **server_handle) \end{verbatim} AUTHORIZATION REQUIRED: none @@ -1610,6 +1611,30 @@ RETURN CODES: \end{description} +\subsection{kadm5_decyrpt_key} + +\begin{verbatim} +kadm5_ret_t kadm5_decrypt_key(void *server_handle, + kadm5_principal_ent_t entry, krb5_int32 + ktype, krb5_int32 stype, krb5_int32 + kvno, krb5_keyblock *keyblock, + krb5_keysalt *keysalt, int *kvnop) +\end{verbatim} + +AUTHORIZATION REQUIRED: none, local function + +Searches a principal's key_data array to find a key with the specified +enctype, salt type, and kvno, and decrypts the key into keyblock and +keysalt if found. entry must have been returned by +kadm5_get_principal with at least the KADM5_KEY_DATA mask set. +Returns ENOENT if the key cannot be found, EINVAL if the key_data +array is empty (as it always is in an RPC client). + +If ktype or stype is -1, it is ignored for the search. If kvno is -1, +ktype and stype are ignored and the key with the max kvno is returned. +If kvno is 0, only the key with the max kvno is returned and only if +it matches the ktype and stype; otherwise, ENOENT is returned. + \subsection{kadm5_get_principals} \begin{verbatim} |