Previous section.

DCE 1.1: Authentication and Security Services
Copyright © 1997 The Open Group

NAME

sec_key_mgmt_set_key-Insert a key value into local storage.

SYNOPSIS

#include <dce/keymgmt.h>

void sec_key_mgmt_set_key(
    sec_key_mgmt_authn_service authn_service,
    void *get_key_fn_arg,
    idl_char *principal_name,
    unsigned32 key_vno,
    void *keydata,
    error_status_t *status);

PARAMETERS

Input

authn_service

Identifies the authentication service appropriate for this key.

get_key_fn_arg

Key acquisition routine argument (see <dce/keymgmt.h>).

principal_name

Name of the principal associated with the key to be set.

key_vno

Version number of the key to be set.

keydata

The key to be stored (see <dce/keymgmt.h>).

Output

status

The completion status.

DESCRIPTION

The sec_key_mgmt_set_key() routine sets a specified key value in local key storage. This routine does not update the RS.

There exist circumstances in which a server may only wish to change its key in the local key storage, and not in the RS datastore. For one example, when a new server principal is created, its initial key must be set in local key store "manually" (that is, via sec_key_mgmt_set_key()). For another example, a database system may have several replicas of a master database, each managed by a server running on a different machine. Since these servers together represent only one "service", they may (depending on policy) all share the same key. This way, a client with a ticket to use the database can, for example, choose whichever server is least busy. To change the key of such a replicated "service", the master server could signal all the "slave" ("secondary") servers to change the current key in their local key storage. Each of them would use sec_key_mgmt_set_key() (which does not update the key in the RS). Once all the slaves have complied, the master server can then change its own local key and the RS key.

The storage for keydata is allocated dynamically; this storage may be freed with sec_key_mgmt_free_key().

ERRORS

error_status_ok, sec_key_mgmt_e_authn_invalid, sec_key_mgmt_e_key_unavailable, sec_key_mgmt_e_key_unsupported, sec_key_mgmt_e_key_version_ex, sec_key_mgmt_e_unauthorized.

SEE ALSO

Functions: sec_key_mgmt_change_key(), sec_key_mgmt_gen_rand_key().
Please note that the html version of this specification may contain formatting aberrations. The definitive version is available as an electronic publication on CD-ROM from The Open Group.

Contents Next section Index