DOKK / manpages / debian 10 / heimdal-dev / krb5_string_to_key_salt_opaque.3.en
KRB5_STRING_TO_KEY(3) Library Functions Manual KRB5_STRING_TO_KEY(3)

krb5_string_to_key, krb5_string_to_key_data, krb5_string_to_key_data_salt, krb5_string_to_key_data_salt_opaque, krb5_string_to_key_salt, krb5_string_to_key_salt_opaque, krb5_get_pw_salt, krb5_free_saltturns a string to a Kerberos key

Kerberos 5 Library (libkrb5, -lkrb5)

#include <krb5.h>

krb5_error_code
krb5_string_to_key(krb5_context context, krb5_enctype enctype, const char *password, krb5_principal principal, krb5_keyblock *key);

krb5_error_code
krb5_string_to_key_data(krb5_context context, krb5_enctype enctype, krb5_data password, krb5_principal principal, krb5_keyblock *key);

krb5_error_code
krb5_string_to_key_data_salt(krb5_context context, krb5_enctype enctype, krb5_data password, krb5_salt salt, krb5_keyblock *key);

krb5_error_code
krb5_string_to_key_data_salt_opaque(krb5_context context, krb5_enctype enctype, krb5_data password, krb5_salt salt, krb5_data opaque, krb5_keyblock *key);

krb5_error_code
krb5_string_to_key_salt(krb5_context context, krb5_enctype enctype, const char *password, krb5_salt salt, krb5_keyblock *key);

krb5_error_code
krb5_string_to_key_salt_opaque(krb5_context context, krb5_enctype enctype, const char *password, krb5_salt salt, krb5_data opaque, krb5_keyblock *key);

krb5_error_code
krb5_get_pw_salt(krb5_context context, krb5_const_principal principal, krb5_salt *salt);

krb5_error_code
krb5_free_salt(krb5_context context, krb5_salt salt);

The string to key functions convert a string to a kerberos key.

() is the function that does all the work, the rest of the functions are just wrappers around krb5_string_to_key_data_salt_opaque() that calls it with default values.

() transforms the password with the given salt-string salt and the opaque, encryption type specific parameter opaque to a encryption key key according to the string to key function associated with enctype.

The key should be freed with ().

If one of the functions that doesn't take a krb5_salt as it argument () is used to get the salt value.

() get the default password salt for a principal, use krb5_free_salt() to free the salt when done.

() frees the content of salt.

krb5(3), krb5_data(3), krb5_keyblock(3), kerberos(8)

July 10, 2006 HEIMDAL