ADD_KEY(2)                Linux Key Management Calls                ADD_KEY(2)

NAME

       add_key - add a key to the kernel's key management facility

SYNOPSIS

       #include <keyutils.h>

       key_serial_t add_key(const char *type, const char *description,
                            const void *payload, size_t plen,
                            key_serial_t keyring);

DESCRIPTION

       add_key() asks the kernel to create or update a key of the given type
       and description, to instantiate it with the payload of length plen, to
       attach it to the nominated keyring, and to return its serial number.
       The key type may reject the data if it's in the wrong format or in some
       other way invalid.

       If the destination keyring already contains a key that matches the
       specified type and description then, if the key type supports it, that
       key will be updated rather than a new key being created; if not, a new
       key will be created and it will displace the link to the extant key
       from the keyring.

       The destination keyring serial number may be that of a valid keyring to
       which the caller has write permission, or it may be a special keyring
       ID:

       KEY_SPEC_THREAD_KEYRING
              This specifies the caller's thread-specific keyring.

       KEY_SPEC_PROCESS_KEYRING
              This specifies the caller's process-specific keyring.

       KEY_SPEC_SESSION_KEYRING
              This specifies the caller's session-specific keyring.

       KEY_SPEC_USER_KEYRING
              This specifies the caller's UID-specific keyring.

       KEY_SPEC_USER_SESSION_KEYRING
              This specifies the caller's UID-session keyring.

KEY TYPES

       There are a number of key types available in the core key management
       code, and these can be specified to this function:

       “user” Keys of the user-defined key type may contain a blob of
              arbitrary data, and the description may be any valid string,
              though it is preferred that the description be prefixed with a
              string representing the service to which the key is of interest
              and a colon (for instance “afs:mykey”).  The payload may be
              empty or NULL for keys of this type.

       “keyring”
              Keyrings are special key types that may contain links to
              sequences of other keys of any type.  If this interface is used
              to create a keyring, then a NULL payload should be specified,
              and plen should be zero.

RETURN VALUE

       On success add_key() returns the serial number of the key it created or
       updated.  On error, the value -1 will be returned and errno will have
       been set to an appropriate error.

ERRORS

       ENOKEY The keyring doesn't exist.

       EKEYEXPIRED
              The keyring has expired.

       EKEYREVOKED
              The keyring has been revoked.

       EINVAL The payload data was invalid.

       ENOMEM Insufficient memory to create a key.

       EDQUOT The key quota for this user would be exceeded by creating this
              key or linking it to the keyring.

       EACCES The keyring wasn't available for modification by the user.

LINKING

       Although this is a Linux system call, it is not present in libc but can
       be found rather in libkeyutils.  When linking, -lkeyutils should be
       specified to the linker.
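
       The create-or-update behaviour and error return described above, as an
       added example that is not part of the original man page.  It assumes
       the raw system call is invoked through syscall(2) so that it builds
       without libkeyutils; store_secret() and raw_add_key() are hypothetical
       helper names, and the payloads are constructed sample values.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Special keyring ID, same value as in <keyutils.h>. */
#ifndef KEY_SPEC_PROCESS_KEYRING
#define KEY_SPEC_PROCESS_KEYRING (-2)
#endif

/* Raw system call taking the same arguments as add_key(). */
static long raw_add_key(const char *type, const char *desc,
                        const void *payload, size_t plen, int keyring)
{
    return syscall(SYS_add_key, type, desc, payload, plen, keyring);
}

/* Create or update a "user" key in the caller's process keyring.
 * Returns the serial number, or -1 with errno set. */
long store_secret(const char *desc, const void *secret, size_t len)
{
    /* "service:name" is only the preferred form; rejecting anything else
     * is this example's own policy, not a kernel rule. */
    if (desc == NULL || strchr(desc, ':') == NULL) {
        errno = EINVAL;
        return -1;
    }
    return raw_add_key("user", desc, secret, len, KEY_SPEC_PROCESS_KEYRING);
}

int main(void)
{
    const char v1[] = "constructed-secret-1";   /* constructed sample payloads */
    const char v2[] = "constructed-secret-2";

    long first = store_secret("example:demo", v1, sizeof(v1) - 1);
    if (first == -1) {
        /* EDQUOT, EACCES, ... or a sandbox that denies the call */
        fprintf(stderr, "add_key: %s\n", strerror(errno));
        return 1;
    }
    /* Same type and description in the same keyring: the "user" type
     * supports update, so the existing key is reused and the serial repeats. */
    long second = store_secret("example:demo", v2, sizeof(v2) - 1);
    printf("first=%ld second=%ld\n", first, second);
    return second == first ? 0 : 1;
}
```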

SEE ALSO

       keyctl(1), keyctl(2), request_key(2)

COLOPHON

       This page is part of release 3.53 of the Linux man-pages project.  A
       description of the project, and information about reporting bugs, can
       be found at http://www.kernel.org/doc/man-pages/.

Linux                             2010-02-25                        ADD_KEY(2)