krb5_keyblock holds the encryption key for a specific encryption type. There is no component inside
krb5_keyblock that is directly referable.
krb5_keyblock_get_enctype() returns the encryption type of the keyblock.
krb5_copy_keyblock() makes a copy the keyblock
inblock to the output
out.
out should be freed by the caller with
krb5_free_keyblock.
krb5_copy_keyblock_contents() copies the contents of
inblock to the
to keyblock. The destination keyblock is overritten.
krb5_free_keyblock() zeros out and frees the content and the keyblock itself.
krb5_free_keyblock_contents() zeros out and frees the content of the keyblock.
krb5_generate_random_keyblock() creates a new content of the keyblock
key of type encrytion type
type. The content of
key is overwritten and not freed, so the caller should be sure it is freed before calling the function.
krb5_generate_subkey() generates a
subkey of the same type as
key. The caller must free the subkey with
krb5_free_keyblock.
krb5_generate_subkey_extended() generates a
subkey of the specified encryption type
type. If
type is
ETYPE_NULL, of the same type as
key. The caller must free the subkey with
krb5_free_keyblock.
krb5_keyblock_init() Fill in
key with key data of type
enctype from
data of length
size. Key should be freed using
krb5_free_keyblock_contents().
krb5_keyblock_zero() zeros out the keyblock to to make sure no keymaterial is in memory. Note that
krb5_free_keyblock_contents() also zeros out the memory.
krb5_random_to_key() converts the random bytestring to a protocol key according to Kerberos crypto frame work. It the resulting key will be of type
enctype. It may be assumed that all the bits of the input string are equally random, even though the entropy present in the random source may be limited