From b2b3f67fc5608bc8d2d5b0848e8e12330b6954ec Mon Sep 17 00:00:00 2001
From: Johan Danielsson <joda@pdc.kth.se>
Date: Sun, 18 Apr 1999 13:47:30 +0000
Subject: [PATCH] initial version

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@5975 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/krb5/krb5_create_checksum.3 | 68 +++++++++++++++++++++++++++++++++
 lib/krb5/krb5_crypto_init.3     | 41 ++++++++++++++++++++
 lib/krb5/krb5_encrypt.3         | 60 +++++++++++++++++++++++++++++
 3 files changed, 169 insertions(+)
 create mode 100644 lib/krb5/krb5_create_checksum.3
 create mode 100644 lib/krb5/krb5_crypto_init.3
 create mode 100644 lib/krb5/krb5_encrypt.3

diff --git a/lib/krb5/krb5_create_checksum.3 b/lib/krb5/krb5_create_checksum.3
new file mode 100644
index 000000000..05f18559f
--- /dev/null
+++ b/lib/krb5/krb5_create_checksum.3
@@ -0,0 +1,68 @@
+.\" Copyright (c) 1999 Kungliga Tekniska Högskolan
+.\" $Id$
+.Dd April  7, 1999
+.Dt NAME 3
+.Os HEIMDAL
+.Sh NAME
+.Nm krb5_checksum_is_collision_proof , 
+.Nm krb5_checksum_is_keyed , 
+.Nm krb5_checksumsize , 
+.Nm krb5_create_checksum , 
+.Nm krb5_verify_checksum
+.Nd creates and verifies checksums
+.Sh SYNOPSIS
+.Fd #include <krb5.h>
+
+.Ft krb5_error_code
+.Fn krb5_create_checksum "krb5_context context" "krb5_crypto crypto" "unsigned usage_or_type" "void *data" "size_t len" "Checksum *result"
+
+.Ft krb5_error_code
+.Fn krb5_verify_checksum "krb5_context context" "krb5_crypto crypto" "krb5_key_usage usage" "void *data" "size_t len" "Checksum *cksum"
+
+.Ft krb5_boolean
+.Fn krb5_checksum_is_collision_proof "krb5_context context" "krb5_cksumtype type"
+
+.Ft krb5_boolean
+.Fn krb5_checksum_is_keyed "krb5_context context" "krb5_cksumtype type"
+
+.Sh DESCRIPTION
+These functions are used to create and verify checksums.
+.Fn krb5_create_checksum 
+creates a checksum of the specified data, and puts it in
+.Fa result .
+If
+.Fa crypto
+is 
+.Dv NULL ,
+.Fa usage_or_type 
+specifies the checksum type to use; it must not be keyed. Otherwise 
+.Fa crypto
+is an encryption context created by
+.Fn krb5_crypto_init ,
+and
+.Fa usage_or_type
+specifies a key-usage.
+.Pp
+.Fn krb5_verify_checksum
+verifies the
+.Fa checksum ,
+against the provided data. 
+.Pp
+.Fn krb5_checksum_is_collision_proof
+returns true is the specified checksum is collision proof (that it's
+very unlikely that two strings has the same hash value, and that it's
+hard to find two strings that has the same hash). Examples of
+collision proof checksums are MD5, and SHA1, while CRC32 is not.
+.Pp
+.Fn krb5_checksum_is_keyed
+returns true if the specified checksum type is keyed (that the hash
+value is a function of both the data, and a separate key). Examples of
+keyed hash algorithms are HMAC-SHA1-DES3, and RSA-MD5-DES. The 
+.Dq plain
+hash functions MD5, and SHA1 are not keyed.
+
+.\" .Sh EXAMPLE
+.\" .Sh BUGS
+.Sh SEE ALSO
+.Xr krb5_crypto_init 3 ,
+.Xr krb5_encrypt 3
diff --git a/lib/krb5/krb5_crypto_init.3 b/lib/krb5/krb5_crypto_init.3
new file mode 100644
index 000000000..c35fc3eac
--- /dev/null
+++ b/lib/krb5/krb5_crypto_init.3
@@ -0,0 +1,41 @@
+.\" Copyright (c) 1999 Kungliga Tekniska Högskolan
+.\" $Id$
+.Dd April  7, 1999
+.Dt NAME 3
+.Os HEIMDAL
+.Sh NAME
+.Nm krb5_crypto_init , 
+.Nm krb5_crypto_destroy
+.Nd initialize encryption context
+.Sh SYNOPSIS
+.Fd #include <krb5.h>
+
+.Ft krb5_error_code
+.Fn krb5_crypto_init "krb5_context context" "krb5_keyblock *key" "krb5_enctype enctype" "krb5_crypto *crypto"
+
+.Ft krb5_error_code
+.Fn krb5_crypto_destroy "krb5_context context" "krb5_crypto crypto"
+
+.Sh DESCRIPTION
+These functions are used to initialize an encryption context that can
+be used to encrypt or checksum data.
+.Pp
+The
+.Fn krb5_crypt_init
+initializes the encrytion context
+.Fa crypto .
+The
+.Fa key
+parameter is the key to use for encryption, and checksums. The
+encryption type to use is taken from the key, but can be overridden
+with the
+.Fa enctype parameter .
+.Pp
+.Fn krb5_crypto_destroy
+frees a previously allocated encrypion context.
+
+.\" .Sh EXAMPLE
+.\" .Sh BUGS
+.Sh SEE ALSO
+.Xr krb5_create_checksum 3 ,
+.Xr krb5_encrypt 3
diff --git a/lib/krb5/krb5_encrypt.3 b/lib/krb5/krb5_encrypt.3
new file mode 100644
index 000000000..213bfe049
--- /dev/null
+++ b/lib/krb5/krb5_encrypt.3
@@ -0,0 +1,60 @@
+.\" Copyright (c) 1999 Kungliga Tekniska Högskolan
+.\" $Id$
+.Dd April  7, 1999
+.Dt KRB5_ENCRYPT 3
+.Os HEIMDAL
+.Sh NAME
+.Nm krb5_decrypt , 
+.Nm krb5_decrypt_EncryptedData , 
+.Nm krb5_encrypt , 
+.Nm krb5_encrypt_EncryptedData
+.Nd encrypt and decrypt data
+.Sh SYNOPSIS
+.Fd #include <krb5.h>
+
+.Ft krb5_error_code
+.Fn krb5_encrypt "krb5_context context" "krb5_crypto crypto" "unsigned usage" "void *data" "size_t len" "krb5_data *result"
+
+.Ft krb5_error_code
+.Fn krb5_encrypt_EncryptedData "krb5_context context" "krb5_crypto crypto" "unsigned usage" "void *data" "size_t len" "int kvno" "EncryptedData *result"
+
+.Ft krb5_error_code
+.Fn krb5_decrypt "krb5_context context" "krb5_crypto crypto" "unsigned usage" "void *data" "size_t len" "krb5_data *result"
+
+.Ft krb5_error_code
+.Fn krb5_decrypt_EncryptedData "krb5_context context" "krb5_crypto crypto" "unsigned usage" "EncryptedData *e" "krb5_data *result"
+
+.Sh DESCRIPTION
+These functions are used to encrypt and decrypt data.
+.Pp
+.Fn krb5_encrypt
+puts the encrypted version of 
+.Fa data
+(of size
+.Fa len )
+in
+.Fa result .
+If the encryption type supports using derived keys, 
+.Fa usage
+should be the appropriate key-usage.
+.Fn krb5_encrypt_EncryptedData
+does the same as
+.Fn krb5_encrypt ,
+but it puts the encrypted data in a
+.Fa EncryptedData 
+structure instead. If 
+.Fa kvno 
+is not zero, it will be put in the 
+.Fa kvno field in the
+.Fa EncryptedData .
+.Pp
+.Fn krb5_decrypt ,
+and
+.Fn krb5_decrypt_EncryptedData
+works similarly.
+
+.\" .Sh EXAMPLE
+.\" .Sh BUGS
+.Sh SEE ALSO
+.Xr krb5_crypto_init 3 ,
+.Xr krb5_create_checksum 3