krb5_set_default_in_tkt_ktypes()--Set Default Encryption Types to Request Initial Ticket
Syntax
#include <krb5.h> krb5_error_code krb5_set_default_in_tkt_ktypes( krb5_context context, krb5_const krb5_enctype * ktypes);Service Program Name: QSYS/QKRBGSS
Default Public Authority: *USE
Threadsafe: Yes
The krb5_set_default_in_tkt_ktypes() function sets the default encryption types to be used when requesting an initial ticket from the Kerberos server. The first encryption type specified is used for generating random keys, so it must be an encryption type that is supported by the Kerberos server. The encryption types specified override any values specified by the default_tkt_enctypes entry in the Kerberos configuration file.
Authorities
No authorities are required.
Parameters
- context (Input)
- The Kerberos context.
- ktypes (Input)
- An array of krb5_enctype values to be used when requesting an initial
ticket. The last element in the array must be set to
ENCTYPE_NULL (x'00000000'). The following symbolic definitions
are provided for specifying the encryption types:
ENCTYPE_DES_CBC_CRC (x'00000001') DES encryption with a CRC checksum ENCTYPE_DES_CBC_MD5 (x'00000003') DES encryption with an MD5 checksum ENCTYPE_DES_CBC_RAW (x'00000004') DES encryption with no checksum ENCTYPE_AES128_CTS_HMAC_SHA1_96 (x'00000011') AES-128 CTS mode encryption with 96-bit SHA-1 HMAC checksum ENCTYPE_AES256_CTS_HMAC_SHA1_96 (x'00000012') AES-256 CTS mode encryption with 96-bit SHA-1 HMAC checksum ENCTYPE_ARCFOUR_HMAC (x'00000017') ARCFOUR encryption with MD5 HMAC checksum.
Return Value
If no errors occur, the return value is 0. Otherwise, a Kerberos error code is returned.
Error Messages
Message ID | Error Message Text |
---|---|
CPE3418 E | Possible APAR condition or hardware failure. |
Usage Notes
- To interoperate with older Kerberos Version 5 servers, you should specify ENCTYPE_DES_CBC_CRC as the first encryption type.
API introduced: V5R1
[ Back to top | Security APIs | UNIX-Type APIs | APIs by category ]