DCE Security Service - Key Management API Data Types

Data Types

sec_passwd_type_t
An enumerated set describing the currently supported key types. The possible values are:

sec_passwd_none
Indicates no key types are supported.

sec_passwd_plain
Indicates that the key is a printable string of data.

sec_passwd_des
Indicates that the key is DES encrypted data.

sec_passwd_privkey
Indicates that the key is a private or public key of a public key pair used in public key authentication.

sec_passwd_genprivkey
Indicates the modulus bit size of the private key to be generated for a public key pair used in public key authentication.

sec_passwd_rec_t
A structure containing any of the following: a plaintext password, a preencrypted buffer of password data, a public-key-pair generation request, or a public or private key. The sec_passwd_rec_t structure consists of three components:

version_number
The version number of the password.

pepper
A character string combined with the password before an encryption key is derived from the password.

key
A structure consists of the following components:

key_type
The key type can be the following:

sec_passwd_plain
Indicates that a printable string of data is stored in plain.

sec_passwd_des
Indicates that an array of data is stored in des_key.

sec_passwd_privkey
Indicates that X.509 ASN.1 DER-encoded data is stored in priv_key.

sec_passwd_genprivkey
Indicates that unsigned 32-bit data is stored in modulus_size.

tagged_union
A structure specifying the password. The value of the structure depends on key_type.

If key_type is sec_passwd_plain, structure contains plain, a character string.

If key_type is sec_passwd_des, the structure contains des_key, a DES key of type sec_passwd_des_key_t.

If key_type is sec_passwd_privkey, the structure contains priv_key, a public or private key of type sec_pk_data_t.

If key_type is sec_passwd_genprivkey, the structure contains modulus_size, unsigned 32-bit data.

sec_passwd_version_t
An unsigned 32-bit integer that defines the password version number. You can supply a version number or a 0 for no version number. If you supply the constant sec_passwd_c_version_none, the Security service supplies a system-generated version number.

sec_key_mgmt_authn_service
A 32-bit unsigned integer whose purpose is to indicate the authentication service in use, since a server may have different keys for different levels of security. The possible values of this data type and their meanings are as follows:

rpc_c_authn_none
No authentication.

rpc_c_authn_dce_private
DCE private key authentication (an implementation of the Kerberos system).

rpc_c_authn_dce_public
DCE public key authentication (reserved for future use).