krb5_encrpyt_block freeing

Paul Moore paul.moore at
Wed Jan 4 17:59:57 EST 2006

What I was actually doing was this. I have a key stored in external
storage and want to use it in a keyblock (like an alternate keytab

Now I do actually know the length of the data that is stored in external
storage so I can pass it to init_keyblock (this is what I ended up
doing), but I wanted to validate that I was actually being given a valid
key by verifying that the enc type was valid and that key length matched
the enc type. This I cannot do.

-----Original Message-----
From: Sam Hartman [mailto:hartmans at] 
Sent: Wednesday, January 04, 2006 1:50 PM
To: Paul Moore
Cc: Ken Hornstein; krbdev at MIT.EDU
Subject: Re: krb5_encrpyt_block freeing

>>>>> "Paul" == Paul Moore <paul.moore at> writes:

    Paul> Krb5_init_keyblock has a required length parameter
    Paul> -----Original Message----- From: Ken Hornstein
    Paul> [mailto:kenh at] Sent: Friday, December 30,
    Paul> 2005 8:16 AM To: Paul Moore; krbdev at Subject: Re:
    Paul> krb5_encrpyt_block freeing

Hmm, this definitely sounds like I did not think something through

Would you mind describing the data flow where you want to init a
keyblock but don't ye.t know the length?  This sounds like we have an
API design error we need to fix.


More information about the krbdev mailing list