[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

randkey generation

hi. i'm wondering if there is a reason that the behavior of
_kadm5_set_keys_randomly() in lib/kadm5/set_keys.c cannot be
influenced so that only keys of desired etypes are generated.
by contrast, the make_keys() function, which is called by
set_keys(), allows one to specify a ``default_keys'' paramet-
er in the kadmin config and thus control what etypes are gen-
erated (with which salts) when creating keys with passwords,
but this has no influence over the generation of random keys,
and so i'm just wondering why this is the case. would it be
unreasonable to ``factor out'' the ``default_keys'' parsing
code from make_keys() and calls it both from make_keys() and