diff options
Diffstat (limited to 'doc/manpage.d/ipsec_keyblobtoid.3.html')
| -rw-r--r-- | doc/manpage.d/ipsec_keyblobtoid.3.html | 174 |
1 files changed, 0 insertions, 174 deletions
diff --git a/doc/manpage.d/ipsec_keyblobtoid.3.html b/doc/manpage.d/ipsec_keyblobtoid.3.html deleted file mode 100644 index 109cfafa7..000000000 --- a/doc/manpage.d/ipsec_keyblobtoid.3.html +++ /dev/null @@ -1,174 +0,0 @@ -Content-type: text/html - -<HTML><HEAD><TITLE>Manpage of IPSEC_KEYBLOBTOID</TITLE> -</HEAD><BODY> -<H1>IPSEC_KEYBLOBTOID</H1> -Section: C Library Functions (3)<BR>Updated: 25 March 2002<BR><A HREF="#index">Index</A> -<A HREF="http://localhost/cgi-bin/man/man2html">Return to Main Contents</A><HR> - - -<A NAME="lbAB"> </A> -<H2>NAME</H2> - -ipsec keyblobtoid, splitkeytoid - generate key IDs from RSA keys -<A NAME="lbAC"> </A> -<H2>SYNOPSIS</H2> - -<B>#include <<A HREF="file:/usr/include/freeswan.h">freeswan.h</A>></B> - -<P> -<B>size_t keyblobtoid(const unsigned char *blob,</B> - -<BR> - -<B>size_t bloblen, char *dst, size_t dstlen);</B> - -<BR> - -<B>size_t splitkeytoid(const unsigned char *e, size_t elen,</B> - -<BR> - -<B>const unsigned char *m, size_t mlen, char *dst,</B> - -<BR> - -<B>size_t dstlen);</B> - -<A NAME="lbAD"> </A> -<H2>DESCRIPTION</H2> - -<I>Keyblobtoid</I> - -and -<I>splitkeytoid</I> - -generate -key IDs -from RSA keys, -for use in messages and reporting, -writing the result to -<I>dst</I>. - -A -<I>key ID</I> - -is a short ASCII string identifying a key; -currently it is just the first nine characters of the base64 -encoding of the RFC 2537/3110 ``byte blob'' representation of the key. -(Beware that no finite key ID can be collision-proof: -there is always some small chance of two random keys having the -same ID.) -<P> - -<I>Keyblobtoid</I> - -generates a key ID from a key which is already in the form of an -RFC 2537/3110 binary key -<I>blob</I> - -(encoded exponent length, exponent, modulus). -<P> - -<I>Splitkeytoid</I> - -generates a key ID from a key given in the form of a separate -(binary) exponent -<I>e</I> - -and modulus -<I>m</I>. - -<P> - -The -<I>dstlen</I> - -parameter of either -specifies the size of the -<I>dst</I> - -parameter; -under no circumstances are more than -<I>dstlen</I> - -bytes written to -<I>dst</I>. - -A result which will not fit is truncated. -<I>Dstlen</I> - -can be zero, in which case -<I>dst</I> - -need not be valid and no result is written, -but the return value is unaffected; -in all other cases, the (possibly truncated) result is NUL-terminated. -The -<I>freeswan.h</I> - -header file defines a constant -<B>KEYID_BUF</B> - -which is the size of a buffer large enough for worst-case results. -<P> - -Both functions return -<B>0</B> - -for a failure, and otherwise -always return the size of buffer which would -be needed to -accommodate the full conversion result, including terminating NUL; -it is the caller's responsibility to check this against the size of -the provided buffer to determine whether truncation has occurred. - -With keys generated by -<I><A HREF="ipsec_rsasigkey.3.html">ipsec_rsasigkey</A></I>(3), - -the first two base64 digits are always the same, -and the third carries only about one bit of information. -It's worse with keys using longer fixed exponents, -e.g. the 24-bit exponent that's common in X.509 certificates. -However, being able to relate key IDs to the full -base64 text form of keys by eye is sufficiently useful that this -waste of space seems justifiable. -The choice of nine digits is a compromise between bulk and -probability of collision. -<A NAME="lbAE"> </A> -<H2>SEE ALSO</H2> - -RFC 3110, -<I>RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS)</I>, -Eastlake, 2001 -(superseding the older but better-known RFC 2537). -<A NAME="lbAF"> </A> -<H2>DIAGNOSTICS</H2> - -Fatal errors are: -key too short to supply enough bits to construct a complete key ID -(almost certainly indicating a garbage key); -exponent too long for its length to be representable. -<A NAME="lbAG"> </A> -<H2>HISTORY</H2> - -Written for the FreeS/WAN project by Henry Spencer. -<P> - -<HR> -<A NAME="index"> </A><H2>Index</H2> -<DL> -<DT><A HREF="#lbAB">NAME</A><DD> -<DT><A HREF="#lbAC">SYNOPSIS</A><DD> -<DT><A HREF="#lbAD">DESCRIPTION</A><DD> -<DT><A HREF="#lbAE">SEE ALSO</A><DD> -<DT><A HREF="#lbAF">DIAGNOSTICS</A><DD> -<DT><A HREF="#lbAG">HISTORY</A><DD> -</DL> -<HR> -This document was created by -<A HREF="http://localhost/cgi-bin/man/man2html">man2html</A>, -using the manual pages.<BR> -Time: 21:40:18 GMT, November 11, 2003 -</BODY> -</HTML> |