Previous section.

DCE 1.1: Authentication and Security Services
Copyright © 1997 The Open Group


sec_key_mgmt_set_key-Insert a key value into local storage.


#include <dce/keymgmt.h>

void sec_key_mgmt_set_key(
    sec_key_mgmt_authn_service authn_service,
    void *get_key_fn_arg,
    idl_char *principal_name,
    unsigned32 key_vno,
    void *keydata,
    error_status_t *status);




Identifies the authentication service appropriate for this key.


Key acquisition routine argument (see <dce/keymgmt.h>).


Name of the principal associated with the key to be set.


Version number of the key to be set.


The key to be stored (see <dce/keymgmt.h>).



The completion status.


The sec_key_mgmt_set_key() routine sets a specified key value in local key storage. This routine does not update the RS.

There exist circumstances in which a server may only wish to change its key in the local key storage, and not in the RS datastore. For one example, when a new server principal is created, its initial key must be set in local key store "manually" (that is, via sec_key_mgmt_set_key()). For another example, a database system may have several replicas of a master database, each managed by a server running on a different machine. Since these servers together represent only one "service", they may (depending on policy) all share the same key. This way, a client with a ticket to use the database can, for example, choose whichever server is least busy. To change the key of such a replicated "service", the master server could signal all the "slave" ("secondary") servers to change the current key in their local key storage. Each of them would use sec_key_mgmt_set_key() (which does not update the key in the RS). Once all the slaves have complied, the master server can then change its own local key and the RS key.

The storage for keydata is allocated dynamically; this storage may be freed with sec_key_mgmt_free_key().


error_status_ok, sec_key_mgmt_e_authn_invalid, sec_key_mgmt_e_key_unavailable, sec_key_mgmt_e_key_unsupported, sec_key_mgmt_e_key_version_ex, sec_key_mgmt_e_unauthorized.


Functions: sec_key_mgmt_change_key(), sec_key_mgmt_gen_rand_key().
Please note that the html version of this specification may contain formatting aberrations. The definitive version is available as an electronic publication on CD-ROM from The Open Group.

Contents Next section Index