diff options
| author | Nancy Gilman <nlgilman@mit.edu> | 1994-01-13 01:53:28 +0000 |
|---|---|---|
| committer | Nancy Gilman <nlgilman@mit.edu> | 1994-01-13 01:53:28 +0000 |
| commit | 1b627b36caf3e1d5d7a7968c4008f56f2e82ae8e (patch) | |
| tree | f968cfae77131a47e1a9f66ac4b4d2a36c997e2f /doc/implement/kdb-i.tex | |
| parent | 81ae975106c242b241524a024cf8d27f5118dae7 (diff) | |
| download | krb5-1b627b36caf3e1d5d7a7968c4008f56f2e82ae8e.zip krb5-1b627b36caf3e1d5d7a7968c4008f56f2e82ae8e.tar.gz krb5-1b627b36caf3e1d5d7a7968c4008f56f2e82ae8e.tar.bz2 | |
nlg- updated based on function prototypes
arguments should now be correct
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@3305 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'doc/implement/kdb-i.tex')
| -rw-r--r-- | doc/implement/kdb-i.tex | 22 |
1 files changed, 15 insertions, 7 deletions
diff --git a/doc/implement/kdb-i.tex b/doc/implement/kdb-i.tex index 443a7b7..fb9ac80 100644 --- a/doc/implement/kdb-i.tex +++ b/doc/implement/kdb-i.tex @@ -147,7 +147,7 @@ Returns error code if not all entries were stored. Iterates over the database, fetching every entry in an unspecified order and calling \funcparam{(*func)}(\funcparam{iterate_arg}, -{\sl principal\/}) where {\sl principal\/} points to a record from the +\funcparam{principal}) where \funcparam{principal} points to a record from the database. If \funcparam{(*func)}() ever returns an error code, the iteration is @@ -168,6 +168,7 @@ principal name \funcparam{mname} is used. \funcarg{krb5_encrypt_block *}{eblock} \funcarg{krb5_boolean}{fromkeyboard} \funcarg{krb5_boolean}{twice} +\funcarg{krb5_data }{salt} \funcinout \funcarg{krb5_keyblock *}{key} \end{funcdecl} @@ -175,23 +176,30 @@ principal name \funcparam{mname} is used. Get the KDC database master key from somewhere, filling it into \funcparam{*key}. \funcparam{key{\ptsto}keytype} should be set to the desired key type. + If \funcparam{fromkeyboard} is TRUE, then the master key is read as a password -from the user's terminal. In this case, +from the user's terminal. In this case: \funcparam{eblock} should point to a block with an appropriate -\funcname{string_to_key} function. -If \funcparam{twice} is TRUE, the password is read twice for verification. +\funcname{string_to_key} function; if \funcparam{twice} is TRUE, the +password is read twice for verification; and if \funcparam{salt} is +non-NULL, it is used as the salt when converting the typed +password to the master key. + If \funcparam{fromkeyboard} is false, then the key is read from a file whose name is derived from the principal name \funcparam{mname}. +Therefore, \funcparam{eblock}, \funcparam{twice} and \funcparam{salt} +are ignored. + \funcparam{mname} is the name of the key sought; this is often used by \funcname{string_to_key} to aid in conversion of the password to a key. \begin{funcdecl}{krb5_kdb_encrypt_key}{krb5_error_code}{\funcin} \funcarg{krb5_encrypt_block *}{eblock} -\funcarg{krb5_keyblock *}{in} +\funcarg{const krb5_keyblock *}{in} \funcinout -\funcarg{krb5_keyblock *}{out} +\funcarg{krb5_encrypted_keyblock *}{out} \end{funcdecl} Encrypt a key for storage in the database. \funcparam{eblock} is used @@ -201,7 +209,7 @@ freed when the caller is finished with it. \begin{funcdecl}{krb5_kdb_decrypt_key}{krb5_error_code}{\funcin} \funcarg{krb5_encrypt_block *}{eblock} -\funcarg{krb5_keyblock *}{in} +\funcarg{const krb5_encrypted_keyblock *}{in} \funcinout \funcarg{krb5_keyblock *}{out} \end{funcdecl} |