krb5_auth_con_setivector()--Set Initial Vector


  Syntax 
 #include <krb5.h>

 krb5_error_code krb5_auth_con_setivector(
     krb5_context     context,
     krb5_auth_context      auth_context,  
     krb5_pointer       ivec);
  Service Program Name: QSYS/QKRBGSS

  Default Public Authority: *USE

  Threadsafe: Conditional. See Usage Notes.

The krb5_auth_con_setivector() function sets the initial vector in the authentication context. A copy is not made of the initial vector, so the application must not change or free the buffer specified by the ivec parameter until either a new initial vector is set or the authentication context is released. The initial vector is used to initialize the encryption sequence each time a message is encrypted. This generates different encrypted results for the same message contents and encryption key.


Authorities

No authorities are required.


Parameters

context  (Input)
The Kerberos context.

auth_context  (Input)
The authentication context.

ivec  (Input)
The initial vector.

Return Value

If no errors occur, the return value is 0. Otherwise, a Kerberos error code is returned.


Error Messages

Message ID Error Message Text
CPE3418 E Possible APAR condition or hardware failure.


Usage Notes

  1. The application should not use both krb5_auth_con_initivector() and krb5_auth_con_setivector() for the same authentication context.

  2. The Kerberos protocol runtime provides no concurrency control for the authentication context. If the application wants to use the same authentication context in multiple threads, it is the responsibility of the application to serialize access to the authentication context so that only a single thread is accessing the authentication context at any time.

API introduced: V5R1

[ Back to top | Security APIs | UNIX-Type APIs | APIs by category ]