Network Authentication Service APIs

The Network Authentication Service APIs support job environments for most EBCDIC CCSIDs. CCSID 290 and 5026 are not supported because of the variance of lowercase letters a to z. These APIs provide the means to verify the identity of a user in a network.

For more information on this topic, see Network Authentication Service.

The Network Authentication Service APIs are:

krb5_address_compare() (Compare two Kerberos addresses) allows an application to compare two Kerberos addresses.
krb5_address_search() (Search a list of addresses) allows an application to search a list of addresses for a specific address.
krb5_auth_con_free() (Free an authentication context) releases an authentication context.
krb5_auth_con_genaddrs() (Generate local and remote addresses) generates local and remote network addresses from a socket descriptor and places them in an authentication context.
krb5_auth_con_getaddrs() (Get local and remote addresses) retrieves the local and remote network addresses from the authentication context.
krb5_auth_con_getauthenticator() (Get authenticator) retrieves the authenticator from the authentication context.
krb5_auth_con_getflags() (Get current authentication context flags) retrieves the current authentication context flags.
krb5_auth_con_getivector() (Get address of the initial vector) returns the address of the initial vector used by the specified authentication context.
krb5_auth_con_getkey() (Get current encryption key) retrieves the current encryption key stored in the authentication context.
krb5_auth_con_getlocalseqnumber() (Get local message sequence number) retrieves the local message sequence number from the authentication context.
krb5_auth_con_getlocalsubkey() (Get local subsession key) retrieves the local subsession key stored in the authentication context.
krb5_auth_con_getports() (Get local and remote network ports) retrieves the local and remote network ports stored in the authentication context.
krb5_auth_con_getrcache() (Get replay cache handle) retrieves the replay cache for the authentication context.
krb5_auth_con_getremoteseqnumber() (Get remote message sequence number) retrieves the remote message sequence number from the authentication context.
krb5_auth_con_getremotesubkey() (Get remote subsession key) retrieves the remote subsession key stored in the authentication context.
krb5_auth_con_init() (Create and initialize an authentication context) creates an authentication context.
krb5_auth_con_initvector() (Allocate and zero the initial vector) allocates and zeros the initial vector in the authentication context.
krb5_auth_con_set_req_cksumtype() (Set checksum type used to generate an application request message) sets the checksum type that will be used by the krb5_mk_req() to generate an application request message.
krb5_auth_con_set_safe_cksumtype() (Set checksum type used to generate a signed application message) sets the checksum type used by the krb5_mk_safe() routine to generate a signed application message.
krb5_auth_con_setaddrs() (Set local and remote addresses) sets the local and remote network address values in the authentication context.
krb5_auth_con_setflags() (Set authentication context flags) sets the authentication context flags.
krb5_auth_con_setivector() (Set initial vector) sets the initial vector in the authentication context.
krb5_auth_con_setports() (Set local and remote ports) sets the local and remote network ports in the authentication context.
krb5_auth_con_setrcache() (Set replay cache handle) sets the replay cache for the authentication context.
krb5_auth_con_setuseruserkey() (Set user key) sets the user key in the authentication context.
krb5_auth_to_rep() (Convert a Kerberos authenticator) extracts information from ticket authentication data and builds a replay cache entry.
krb5_build_principal() (Build a Kerberos principal) builds a Kerberos principal from its component strings.
krb5_build_principal_ext() (Build a Kerberos principal extended) builds a Kerberos principal from its component strings.
krb5_build_principal_ext_va() (Build a Kerberos principal extended with variable argument list) builds a Kerberos principal from its component strings.
krb5_build_principal_va() (Build a Kerberos principal with variable argument list) builds a Kerberos principal from its component strings.
krb5_cc_close() (Close a credentials cache) closes a credentials cache.
krb5_cc_default() (Resolve default credentials cache) resolves the default credentials cache and returns a handle that can be used to access the cache.
krb5_cc_default_name() (Get name of the default credentials cache) returns the name of the default credentials cache for the current user.
krb5_cc_destroy() (Close and delete credentials cache) closes and deletes a credentials cache.
krb5_cc_end_seq_get() (End sequential reading from a credentials cache) unlocks the credentials cache and releases the cursor, thus ending the sequential reading of the credentials cache.
krb5_cc_generate_new() (Create a new credentials cache) creates a new credentials cache with a unique name.
krb5_cc_get_name() (Get credentials cache name) returns the name of the credentials cache.
krb5_cc_get_principal() (Get principal from a credentials cache) returns the principal associated with the credentials cache.
krb5_cc_get_type() (Get credentials cache type) returns the credentials cache type.
krb5_cc_initialize() (Initialize credentials cache) initializes a credentials cache.
krb5_cc_next_cred() (Get next entry from a credentials cache) reads the next entry from the credentials cache and returns it to the application.
krb5_cc_register() (Define new credentials cache type) allows an application to define a new credentials cache type.
krb5_cc_remove_cred() (Remove entry) removes matching entries from the credentials cache.
krb5_cc_resolve() (Resolve credentials cache name) resolves a credentials cache name and returns a handle that can be used to access the cache.
krb5_cc_retrieve_cred() (Retrieve a set of credentials) searches the credentials cache and returns an entry that matches the credentials specified.
krb5_cc_set_default_name() (Set Default Credentials Cache Name) sets the name of the default credentials cache for the Kerberos context.
krb5_cc_set_flags() (Set credentials cache processing flags) sets the processing flags for the credentials cache.
krb5_cc_start_seq_get() (Start sequentially retrieving entries from a credentials cache) starts sequentially retrieving entries from the credentials cache.
krb5_cc_store_cred() (Store new set of credentials) stores a new set of Kerberos credentials in the credentials cache.
krb5_change_password() (Change Password) changes the password for the principal identified by the supplied credentials.
krb5_copy_address() (Copy a Kerberos address to a new structure) copies a Kerberos address to a new structure.
krb5_copy_addresses() (Copy an array of Kerberos addresses) copies an array of Kerberos address structures.
krb5_copy_authdata() (Copy an array of authorization data structures) copies an array of authorization data structures.
krb5_copy_authenticator() (Copy a Kerberos authenticator) copies a Kerberos authenticator.
krb5_copy_checksum() (Copy a Kerberos checksum) copies a Kerberos checksum.
krb5_copy_creds() (Copy Kerberos credentials) copies Kerberos credentials.
krb5_copy_data() (Copy a Kerberos data object) copies a Kerberos data object that is represented by a krb5_data structure.
krb5_copy_keyblock() (Copy a Kerberos keyblock) copies a Kerberos keyblock.
krb5_copy_keyblock_contents() (Copy contents of a Kerberos keyblock) copies the contents of a Kerberos keyblock into an existing keyblock.
krb5_copy_principal() (Copy a Kerberos principal) copies a Kerberos principal.
krb5_copy_ticket() (Copy a Kerberos ticket) copies a Kerberos ticket.
krb5_free_address() (Free storage assigned to a Kerberos address) releases the storage assigned to the contents of a krb5_address structure and then releases the krb5_address structure itself.
krb5_free_addresses() (Free storage assigned to array of Kerberos addresses) releases the storage assigned to an array of krb5_address structures.
krb5_free_ap_rep_enc_part() (Free storage assigned to AP_REP message encrypted part) releases the storage assigned to the decrypted portion of an AP_REP message.
krb5_free_authdata() (Free storage assigned to array of authentication data) releases the storage assigned to an array of krb5_authdata structures.
krb5_free_authenticator() (Free storage assigned to authenticator) releases the storage assigned to the contents of a krb5_authenticator structure and then releases the krb5_authenticator structure itself.
krb5_free_authenticator_contents() (Free storage assigned to contents of authenticator) releases the storage assigned to the contents of a krb5_authenticator structure.
krb5_free_checksum() (Free storage assigned to checksum) releases the storage assigned to a krb5_checksum structure and then releases the krb5_checksum structure itself.
krb5_free_cksumtypes() (Free Checksum Types) releases storage assigned to an array of checksum types.
krb5_free_context() (Free Kerberos context) releases a context that was created by the krb5_init_context() routine.
krb5_free_cred_contents() (Free storage assigned to contents of a credential) releases the storage assigned to the contents of a krb5_creds structure.
krb5_free_creds() (Free storage assigned to a credential) releases the storage assigned to the contents of a krb5_creds structure and then releases the krb5_creds structure itself.
krb5_free_data() (Free storage assigned to a Kerberos data object) releases the storage assigned to a Kerberos data object represented by a krb5_data structure.
krb5_free_data_contents() (Free storage assigned to contents of a Kerberos data object) releases the storage assigned to the contents of a Kerberos data object represented by a krb5_data structure.
krb5_free_enc_tkt_part() (Free storage assigned to encrypted ticket part) releases the storage assigned to to the krb5_enc_tkt_part structure and then releases the krb5_enc_tkt_part structure itself.
krb5_free_enctypes() (Free storage assigned to array of encryption types) releases the storage assigned to an array of encryption types.
krb5_free_error() (Free storage assigned to Kerberos error message) releases the storage assigned to the krb5_error structure and then releases the krb5_error structure itself.
krb5_free_host_realm() (Free storage assigned to realm list) releases the storage assigned to a realm list.
krb5_free_kdc_rep() (Free storage assigned to KDC reply) releases the contents of the krb5_kdc_rep structure and then releases the krb5_kdc_rep structure itself.
krb5_free_keyblock() (Free storage assigned to a keyblock) releases the contents of the krb5_keyblock structure and then releases the krb5_keyblock structure itself.
krb5_free_keyblock_contents() (Free storage assigned to contents of a keyblock) releases the contents of the krb5_keyblock structure.
krb5_free_krbhst() (Free storage assigned to host list) releases the storage assigned to a host list.
krb5_free_principal() (Free storage assigned to principal) releases the storage assigned to a krb_5 principal.
krb5_free_string() (Free storage assigned to character string) releases the storage assigned to a character string.
krb5_free_tgt_creds() (Free storage assigned to array of credentials) releases the storage assigned to an array of krb5_creds structures.
krb5_free_ticket() (Free storage assigned to a ticket) releases the storage assigned to a krb5_ticket structure and then releases the krb5_ticket structure itself.
krb5_free_tickets() (Free storage assigned to array of tickets) releases the storage assigned to an array of krb5_ticket structures.
krb5_gen_replay_name() (Generate replay cache name) generates a unique replay cache name based on the Kerberos address supplied by the caller.
krb5_generate_seq_number() (Generate random sequence number) generates a random sequence number based on the supplied key.
krb5_generate_subkey() (Generate subsession key) generates a random subsession key that is based on the supplied session key.
krb5_get_cred_from_kdc() (Get service ticket from Kerberos KDC server) obtains a service ticket from the Kerberos Key Distribution Center (KDC) server.
krb5_get_cred_from_kdc_renew() (Renew service ticket obtained from Kerberos KDC server) renews a service ticket obtained from the Kerberos Key Distribution Center (KDC) server.
krb5_get_cred_from_kdc_validate() (Validate service ticket obtained from Kerberos KDC server) validates a service ticket obtained from the Kerberos Key Distribution Center (KDC) server.
krb5_get_cred_via_tkt() (Get service ticket from Kerberos KDC server using supplied ticket-granting ticket) obtains a service ticket from the Kerberos Key Distribution Center (KDC) server.
krb5_get_credentials() (Get service ticket) obtains a service ticket for the requested server.
krb5_get_credentials_renew() (Renew service ticket) renews a service ticket for the rquested service.
krb5_get_credentials_validate() (Validate service ticket) validates a service ticket for the requested service.
krb5_get_default_in_tkt_ktypes() (Get default encryption types to be used for initial ticket) returns the default encryption types that are used when requesting an initial ticket from the Kerberos server.
krb5_get_default_realm() (Get default realm) returns the default realm for the local system.
krb5_get_default_tgs_ktypes() (Get default encryption types to be used for service ticket) returns the default encryption types that are used when requesting a service ticket from the Kerberos server.
krb5_get_host_realm() (Get Kerberos realm name for host name) returns a list of Kerberos realm names for the specified host name.
krb5_get_in_tkt_with_keytab() (Get initial ticket using key table) obtains an initial ticket-granting ticket from the Kerberos Key Distribution Center (KDC) server using a key table.
krb5_get_in_tkt_with_password() (Get initial ticket using text password) obtains an initial ticket-granting ticket from the Kerberos Key Distribution Center (KDC) server using a text password.
krb5_get_in_tkt_with_skey() (Get initial ticket using session key) obtains an initial ticket-granting ticket from the Kerberos Key Distribution Center (KDC) server using a session key.
krb5_get_krbhst() (Get list of KDC hosts) returns a list of Kerberos Key Distribution Center (KDC) server hosts for a Kerberos realm.
krb5_get_server_rcache() (Generate replay cache for server use) generates a unique replay cache name and then opens the replay cache.
krb5_init_context() (Create and initialize a Kerberos context) creates a new Kerberos context and initializes it with default values obtained from the Kerberos configuration file.
krb5_kt_add_entry() (Add new entry to key table) adds a new entry to a key table.
krb5_kt_close() (Close key table) closes a key table.
krb5_kt_default() (Resolve default key table) resolves the default key table and returns a handle that can be used to access the table.
krb5_kt_default_name() (Get default key table name) returns the name of the default key table for the current user.
krb5_kt_end_seq_get() (End sequential reading of key table) ends the sequential reading of the key table and releases the cursor.
krb5_kt_free_entry() (Free storage assigned to key table entry) releases the storage assigned to a key table entry.
krb5_kt_get_entry() (Get entry from key table) returns an entry from the key table.
krb5_kt_get_name() (Get key table name) returns the name of the key table in the application-provided buffer supplied in the name parameter.
krb5_kt_get_type() (Get key table type) returns the key table type.
krb5_kt_next_entry() (Get next entry from key table) reads the next entry from the key table and returns it to the application.
krb5_kt_read_service_key() (Get service key from key table) returns the service key from the key table.
krb5_kt_register() (Register new key table type) registers a new key table type.
krb5_kt_remove_entry() (Remove entry from key table) removes an entry from a key table.
krb5_kt_resolve() (Resolve key table name) resolves a key table name and returns a handle that can be used to access the table.
krb5_kt_start_seq_get() (Start sequentially retrieving entries from key table) starts sequentially retrieving entries from the key table.
krb5_md5_crypto_compat_ctl() (Set compatibility mode for MD5 checksum generation) sets the compatibility mode for the MD5 DES checksum generation.
krb5_mk_error() (Create Kerberos KRB_ERROR message) creates a Kerberos KRB_ERROR message.
krb5_mk_priv() (Create Kerberos KRB_PRIV message) creates a Kerberos KRB_PRIV message using data supplied by the application.
krb5_mk_rep() (Create Kerberos AP_REP message) creates a Kerberos AP_REP message using information in the authentication context.
krb5_mk_req() (Create Kerberos AP_REQ message) creates a Kerberos AP_REQ message.
krb5_mk_req_extended() (Create Kerberos AP_REQ message using supplied credentials) creates a Kerberos AP_REQ message using supplied credentials.
krb5_mk_safe() (Create Kerberos KRB_SAFE message) creates a Kerberos KRB_SAFE message using data supplied by the application.
krb5_os_hostaddr() (Get network addresses used by specific host system) returns the network addresses used by a specific host system.
krb5_os_localaddr() (Return network addresses used by local system) returns the network addresses used by the local system.
krb5_parse_name() (Create Kerberos principal from text string) converts a text string into a Kerberos principal.
krb5_principal_compare() (Compare two Kerberos principals) allows an application to compare two Kerberos principals.
krb5_random_confounder() (Create random confounder) creates a random value that can be used as a confounder when encrypting data.
krb5_rc_close() (Close replay cache) closes a replay cache.
krb5_rc_default() (Resolve default replay cache) resolves the default replay cache and returns a handle that can be used to access the table.
krb5_rc_default_name() (Get default replay cache name) returns the name of the default replay cache for the current user.
krb5_rc_destroy() (Delete replay cache) closes and deletes a replay cache.
krb5_rc_expunge() (Delete expired entries from replay cache) deletes expired entries from the replay cache.
krb5_rc_free_entry_contents() (Free storage associated with replay cache entry) releases the storage associated with a replay cache entry.
krb5_rc_get_lifespan() (Get authenticator lifespan for entries in replay cache) returns the authenticator lifespan for entries in the replay cache.
krb5_rc_get_name() (Get replay cache name) returns the replay cache name.
krb5_rc_get_type() (Get replay cache type) returns the replay cache type.
krb5_rc_initialize() (Initialize replay cache) initializes a replay cache.
krb5_rc_recover() (Recover replay cache) recovers a replay cache after the application has been restarted.
krb5_rc_register_type() (Define new replay cache type) allows an application to define a new replay cache type.
krb5_rc_resolve() (Resolve replay cache name) resolves a replay cache name and returns a handle that can be used to access the cache.
krb5_rc_store() (Store new entry in replay cache) stores a new entry in the replay cache after verifying that the entry is not already in the cache.
krb5_rd_error() (Process Kerberos KRB_ERROR message) processes a Kerberos KRB_ERROR message created by the krb5_mk_error() routine and returns a krb5_error structure.
krb5_rd_priv() (Process Kerberos KRB_PRIV message) processes a Kerberos KRB_PRIV message and extracts the application data after verifying its integrity.
krb5_rd_rep() (Process Kerberos AP_REP message) processes a Kerberos AP_REP message created by the krb5_mk_rep() routine.
krb5_rd_req() (Process Kerberos AP_REQ message) processes a Kerberos AP_REQ message generated by the partner application.
krb5_rd_req_verify() (Process and Verify Kerberos AP_REQ Message) processes an AP_REQ message generated by the partner application and verifies the application data checksum contained in the authenticator.
krb5_rd_safe() (Process Kerberos KRB_SAFE message) processes a Kerberos KRB_SAFE message and extracts the application data after verifying its integrity.
krb5_realm_compare() (Compare realm names of two principals) compares the realm names of two principals.
krb5_recvauth() (Process an Authentication Message Stream) processes an authentication message stream generated by thekrb5_sendauth()routine.
krb5_sendauth() (Send an Authentication Message Stream) generates an authentication message stream for processing by thekrb5_recvauth()routine.
krb5_set_config_files() (Set files to be processed for Kerberos configuration requests) specifies the names of the files to be processed to obtain the Kerberos configuration.
krb5_set_default_in_tkt_ktypes() (Set default encryption types to request initial ticket) sets the default encryption types to be used when requesting an initial ticket from the Kerberos server.
krb5_set_default_realm() (Set default realm for local system) sets the default realm for the specified Kerberos context.
krb5_set_default_tgs_ktypes() (Set default encryption types to request service ticket) sets the default encryption types to be used when requesting a service ticket from the Kerberos server.
krb5_sname_to_principal() (Convert service name to a Kerberos principal) converts a service name and a host name to a Kerberos principal.
krb5_svc_get_msg() (Get printable text message corresponding to Kerberos error code) returns a printable text message corresponding to a Kerberos error code.
krb5_timeofday() (Get current time of day in seconds since the epoch) returns the current time of day in seconds since the epoch (January 1, 1970).
krb5_unparse_name() (Convert a Kerberos principal to text string) creates a text string from a Kerberos principal.
krb5_unparse_name_ext() (Convert a Kerberos principal extended to text string) creates a text string from a Kerberos principal.
krb5_us_timeofday() (Get current time of day in seconds and microseconds since the epoch) returns the current time of day in seconds and microseconds since the epoch (January 1, 1970).
qkrb_add_kt_entry() (Add Keytab Entry) allows you to add a keytab entry to a keytab file for a specified principal name.
qkrb_count_kt_entries() (Count Keytab Entries) allows you to obtain the total count of entries in a keytab file or count the number of keytab entries there are for a particular principal.
qkrb_remove_kt_entry() (Remove Keytab Entry) allows you to remove keytab entries from a keytab file for a specified principal

Top | Security APIs | UNIX-Type APIs | APIs by category