diff --git a/lib/krb5/krb5_keyblock.3 b/lib/krb5/krb5_keyblock.3
index 7bfe890da..cfe12a2de 100644
--- a/lib/krb5/krb5_keyblock.3
+++ b/lib/krb5/krb5_keyblock.3
@@ -43,7 +43,8 @@
 .Nm krb5_free_keyblock_contents ,
 .Nm krb5_generate_random_keyblock ,
 .Nm krb5_generate_subkey ,
-.Nm krb5_keyblock_zero
+.Nm krb5_keyblock_zero ,
+.Nm krb5_random_to_key
 .Nd Kerberos 5 key handling functions.
 .Sh LIBRARY
 Kerberos 5 Library (libkrb5, -lkrb5)
@@ -84,7 +85,7 @@ Kerberos 5 Library (libkrb5, -lkrb5)
 .Fc
 .Ft krb5_error_code
 .Fo krb5_generate_subkey
-.Fo "krb5_context context"
+.Fa "krb5_context context"
 .Fa "const krb5_keyblock *key"
 .Fa "krb5_keyblock **subkey"
 .Fc
@@ -92,6 +93,14 @@ Kerberos 5 Library (libkrb5, -lkrb5)
 .Fo krb5_keyblock_zero
 .Fa "krb5_keyblock *keyblock"
 .Fc
+.Ft krb5_error_code
+.Fo krb5_random_to_key
+.Fa "krb5_context context"
+.Fa "krb5_enctype type"
+.Fa "const void *data"
+.Fa "size_t size"
+.Fa "krb5_keyblock *key"
+.Fc
 .Sh DESCRIPTION
 .Li krb5_keyblock
 holds the encryption key for a specific encryption type.
@@ -150,7 +159,17 @@ memory.
 Note that
 .Fn krb5_free_keyblock_contents
 also zeros out the memory.
+.Pp
+.Fn krb5_random_to_key
+converts the random bytestring to a protocol key according to Kerberos
+crypto frame work.
+It the resulting key will be of type
+.Fa enctype .
+It may be assumed that all the bits of the input string are equally
+random, even though the entropy present in the random source may be
+limited
 .\" .Sh EXAMPLES
 .Sh SEE ALSO
+.Xr krb5_crypto_init 3 ,
 .Xr krb5 3 ,
 .Xr krb5.conf 5