sec_key_mgmt_change_key-Change ("write") a principal's key in local key storage and in RS datastore.
#include <dce/keymgmt.h>
void sec_key_mgmt_change_key(
sec_key_mgmt_authn_service authn_service,
void *get_key_fn_arg,
idl_char *principal_name,
unsigned32 key_vno,
void *keydata,
sec_timeval_period_t *garbage_collect_time,
error_status_t *status);
Input
- authn_service
Identifies the authentication service appropriate for this key.
- get_key_fn_arg
Key acquisition routine argument (see<dce/keymgmt.h> ).
- principal_name
Name of the principal whose key is to be changed.
- key_vno
Version number of the new key.
- keydata
The supplied key data (see<dce/keymgmt.h> ).
Output
- garbage_collect_time
Number of seconds (from "now"), by which time all currently usable tickets (which are protected with the current or previous keys) will have expired (and can therefore be "garbage collected" by the application).
- status
The completion status.
Thesec_key_mgmt_change_key() routine performs all activities necessary to update a principal's key, both locally and remotely (that is, in local key storage and in the RS datastore), to the specified value. Old keys for the principal are also garbage collected, if appropriate. For more discussion, seeKey Management Facility .If key_vno is specified as 0 (zero), an appropriate non-zero key version number will be selected in an implementation-defined manner.
Any error (that is, status != error_status_ok) will leave the key state unchanged.
sec_key_mgmt_e_key_unavailable, sec_key_mgmt_e_authn_invalid, sec_key_mgmt_e_auth_unavailable, sec_key_mgmt_e_unauthorized, sec_key_mgmt_e_key_unsupported, sec_key_mgmt_e_key_version_ex, sec_rgy_server_unavailable, sec_rgy_object_not_found, sec_login_s_no_memory, error_status_ok.
Functions:sec_key_mgmt_generate_key() ,sec_key_mgmt_set_key() .Protocols:
rs_acct_replace() .
Contents | Next section | Index |