# phpman > man > rpc_secure(3t)

[RPC(3)](https://www.chedong.com/phpMan.php/man/RPC/3/markdown)                   BSD Library Functions Manual                   [RPC(3)](https://www.chedong.com/phpMan.php/man/RPC/3/markdown)

## NAME
     **rpc**___**secure** — library routines for secure remote procedure calls

## SYNOPSIS
### #include <rpc/rpc.h>

     _AUTH_ _*_
     **authdes**___**create**(_char_ _*name_, _unsigned_ _window_, _struct_ _sockaddr_ _*addr_, _des_block_ _*ckey_);

     _AUTH_ _*_
     **authdes**___**pk**___**create**(_char_ _*name_, _netobj_ _*publickey_, _unsigned_ _window_, _struct_ _sockaddr_ _*addr_,
         _des_block_ _*ckey_);

     _int_
     **authdes**___**getucred**(_struct_ _authdes_cred_ _*adc_, _uid_t_ _*uid_, _gid_t_ _*gid_, _int_ _*grouplen_,
         _gid_t_ _*groups_);

     _int_
     **getnetname**(_char_ _*name_);

     _int_
     **host2netname**(_char_ _*name_, _const_ _char_ _*host_, _const_ _char_ _*domain_);

     _int_
     **key**___**decryptsession**(_const_ _char_ _*remotename_, _des_block_ _*deskey_);

     _int_
     **key**___**encryptsession**(_const_ _char_ _*remotename_, _des_block_ _*deskey_);

     _int_
     **key**___**gendes**(_des_block_ _*deskey_);

     _int_
     **key**___**setsecret**(_const_ _char_ _*key_);

     _int_
     **netname2host**(_char_ _*name_, _char_ _*host_, _int_ _hostlen_);

     _int_
     **netname2user**(_char_ _*name_, _uid_t_ _*uidp_, _gid_t_ _*gidp_, _int_ _*gidlenp_, _gid_t_ _*gidlist_);

     _int_
     **user2netname**(_char_ _*name_, _const_ _uid_t_ _uid_, _const_ _char_ _*domain_);

## DESCRIPTION
     These routines are part of the RPC library.  They implement DES Authentication.  See [rpc(3)](https://www.chedong.com/phpMan.php/man/rpc/3/markdown) for
     further details about RPC.

     The **authdes**___**create**() is the first of two routines which interface to the RPC secure authentica‐
     tion system, known as DES authentication.  The second is **authdes**___**getucred**(), below.

     Note: the keyserver daemon [keyserv(8)](https://www.chedong.com/phpMan.php/man/keyserv/8/markdown) must be running for the DES authentication system to
     work.

     The **authdes**___**create**() function, used on the client side, returns an authentication handle that
     will enable the use of the secure authentication system.  The first argument _name_ is the net‐
     work name, or _netname_, of the owner of the server process.  This field usually represents a
     _hostname_ derived from the utility routine **host2netname**(), but could also represent a user name
     using **user2netname**().  The second field is window on the validity of the client credential,
     given in seconds.  A small window is more secure than a large one, but choosing too small of a
     window will increase the frequency of resynchronizations because of clock drift.  The third ar‐
     gument _addr_ is optional.  If it is NULL, then the authentication system will assume that the
     local clock is always in sync with the server's clock, and will not attempt resynchronizations.
     If an address is supplied, however, then the system will use the address for consulting the re‐
     mote time service whenever resynchronization is required.  This argument is usually the address
     of the RPC server itself.  The final argument _ckey_ is also optional.  If it is NULL, then the
     authentication system will generate a random DES key to be used for the encryption of creden‐
     tials.  If it is supplied, however, then it will be used instead.

     The **authdes**___**pk**___**create**() function is identical to **authdes**___**create**(), except that the public key
     needs to be provided at calling time and will not looked up by this function itself.

     The **authdes**___**getucred**() function, the second of the two DES authentication routines, is used on
     the server side for converting a DES credential, which is operating system independent, into a
     UNIX credential.  This routine differs from utility routine **netname2user**() in that
     **authdes**___**getucred**() pulls its information from a cache, and does not have to do a Yellow Pages
     lookup every time it is called to get its information.

     The **getnetname**() function installs the unique, operating-system independent netname of the
     caller in the fixed-length array _name_.  Returns TRUE if it succeeds and FALSE if it fails.

     The **host2netname**() function converts from a domain-specific hostname to an operating-system in‐
     dependent netname.  Returns TRUE if it succeeds and FALSE if it fails.  Inverse of
     **netname2host**().

     The **key**___**decryptsession**() function is an interface to the keyserver daemon, which is associated
     with RPC's secure authentication system (DES authentication).  User programs rarely need to
     call it, or its associated routines **key**___**encryptsession**(), **key**___**gendes**() and **key**___**setsecret**().
     System commands such as [login(1)](https://www.chedong.com/phpMan.php/man/login/1/markdown) and the RPC library are the main clients of these four rou‐
     tines.

     The **key**___**decryptsession**() function takes a server netname and a DES key, and decrypts the key by
     using the public key of the server and the secret key associated with the effective uid of the
     calling process.  It is the inverse of **key**___**encryptsession**().

     The **key**___**encryptsession**() function is a keyserver interface routine.  It takes a server netname
     and a des key, and encrypts it using the public key of the server and the secret key associated
     with the effective uid of the calling process.  It is the inverse of **key**___**decryptsession**().

     The **key**___**gendes**() function is a keyserver interface routine.  It is used to ask the keyserver
     for a secure conversation key.  Choosing one "random" is usually not good enough, because the
     common ways of choosing random numbers, such as using the current time, are very easy to guess.

     The **key**___**setsecret**() function is a keyserver interface routine.  It is used to set the key for
     the effective _uid_ of the calling process.

     The **netname2host**() function converts from an operating-system independent netname to a domain-
     specific hostname.  Returns TRUE if it succeeds and FALSE if it fails.  Inverse of
     **host2netname**().

     The **netname2user**() function converts from an operating-system independent netname to a domain-
     specific user ID.  Returns TRUE if it succeeds and FALSE if it fails.  Inverse of
     **user2netname**().

     The **user2netname**() function converts from a domain-specific username to an operating-system in‐
     dependent netname.  Returns TRUE if it succeeds and FALSE if it fails.  Inverse of
     **netname2user**().

## AVAILABILITY
     These functions are part of libtirpc.

## SEE ALSO
     [rpc(3)](https://www.chedong.com/phpMan.php/man/rpc/3/markdown), [xdr(3)](https://www.chedong.com/phpMan.php/man/xdr/3/markdown)

     The following manuals:

     _Remote_ _Procedure_ _Calls:_ _Protocol_ _Specification_.

     _Remote_ _Procedure_ _Call_ _Programming_ _Guide_.

     _Rpcgen_ _Programming_ _Guide_.

     _RPC:_ _Remote_ _Procedure_ _Call_ _Protocol_ _Specification_, RFC1050, Sun Microsystems Inc., USC-ISI.

BSD                            February 16, 1988                           BSD