Key Management API

Introduction

The routines in the Key Management API are distinguished with names having the prefix "sec_key_mgmt".

Background is given in Introduction to Security Services , especially Key Management Facility .

On input, those routines in this API that take a keydata argument expect a value of data type sec_passwd_rec_t *, and those that take a keytype argument expect a value of data type sec_passwd_type_t *; furthermore, both of these arguments must be non-NULL pointers to single values (not arrays). On output, those operations that give a keydata argument yield a value of data type sec_passwd_rec_t *, this being a pointer to the first element of an array; this array is terminated by an element whose key_type is sec_passwd_none.

Those routines in this API that take a void *get_key_fn_arg argument expect a specification of "local key storage management", as defined in this paragraph. Any value of get_key_fn_arg other than the two special ones specified in the remainder of this paragraph indicates a (single) argument to be passed to an application-defined "key acquisition routine" (a value of type rpc_auth_key_retrieval_fn_t; that is, an arg as for rpc_server_register_auth_info() in the referenced Open Group DCE 1.1 RPC Specification; see also Section D.7, Authentication, Authorisation and Protection-level Arguments of that specification). If get_key_fn_arg is a string value (of type idl_char *) that begins with the substring FILE: (that is, is of the form "FILE:xy···z" where xy···z denotes a substring of arbitrary non-zero length) this indicates that local key storage is implemented via a default implicit implementation-defined key acquisition routine (not further specified in this specification) in the local key table file whose full pathname (in the local system's file namespace) is xy···z. A NULL value of get_key_fn_arg indicates the default implicit implementation-defined key acquisition routine (defined in the previous sentence), using an implementation-defined default key table file (typically, on POSIX systems, this default key table file is named /krb/v5srvtab; that is, this case corresponds to the previous case with argument FILE:/krb/v5srvtab).

Note:

Access to local resources is subject to implementation and local system access control policies. This is not further mentioned in the entries for these routines, though it does have implications for implementations. For example, local key storage implemented in a local file, such as /krb/v5srvtab, is subject to local access control considerations. As such, implementations should exercise due caution in protecting such files (for example, such files should not be located on partitions that can be remotely mounted in an unprotected manner via a network filesystem).