/illumos-gate/usr/src/lib/krb5/plugins/preauth/pkinit/ |
H A D | pkinit_crypto_openssl.h | 133 pkinit_plg_crypto_context plgctx; member in struct:_pkinit_cert_data 143 pkinit_plg_crypto_context plgctx; member in struct:_pkinit_cert_iter_data
|
H A D | pkinit_clnt.c | 94 (krb5_context context, pkinit_context plgctx, 101 (krb5_context context, pkinit_context plgctx, 108 (krb5_context context, pkinit_context plgctx, 114 (krb5_context context, pkinit_context plgctx, 125 pkinit_context plgctx, 155 retval = pkinit_get_kdc_cert(context, plgctx->cryptoctx, reqctx->cryptoctx, 189 retval = pkinit_as_req_create(context, plgctx, reqctx, ctsec, cusec, 272 pkinit_context plgctx, 324 retval = create_krb5_supportedCMSTypes(context, plgctx->cryptoctx, 347 if ((retval = client_create_dh(context, plgctx 124 pa_pkinit_gen_req(krb5_context context, pkinit_context plgctx, pkinit_req_context reqctx, krb5_kdc_req * request, krb5_pa_data * in_padata, krb5_pa_data *** out_padata, krb5_prompter_fct prompter, void *prompter_data, krb5_get_init_creds_opt *gic_opt) argument 271 pkinit_as_req_create(krb5_context context, pkinit_context plgctx, pkinit_req_context reqctx, krb5_timestamp ctsec, krb5_int32 cusec, krb5_ui_4 nonce, const krb5_checksum * cksum, krb5_principal server, krb5_data ** as_req) argument 496 pa_pkinit_parse_rep(krb5_context context, pkinit_context plgctx, pkinit_req_context reqctx, krb5_kdc_req * request, krb5_pa_data * in_padata, krb5_enctype etype, krb5_keyblock * as_key, krb5_data *encoded_request) argument 538 verify_kdc_san(krb5_context context, pkinit_context plgctx, pkinit_req_context reqctx, krb5_principal kdcprinc, int *valid_san, int *need_eku_checking) argument 651 verify_kdc_eku(krb5_context context, pkinit_context plgctx, pkinit_req_context reqctx, int *eku_accepted) argument 689 pkinit_as_rep_parse(krb5_context context, pkinit_context plgctx, pkinit_req_context reqctx, krb5_preauthtype pa_type, krb5_kdc_req *request, const krb5_data *as_rep, krb5_keyblock *key_block, krb5_enctype etype, krb5_data *encoded_request) argument 933 pkinit_client_profile(krb5_context context, pkinit_context plgctx, pkinit_req_context reqctx, krb5_kdc_req *request) argument 1035 pkinit_context plgctx = (pkinit_context)plugin_context; local 1138 pkinit_context plgctx = (pkinit_context)plugin_context; local 1244 struct _pkinit_context *plgctx = (struct _pkinit_context *)plugin_context; local 1335 pkinit_fini_client_profile(krb5_context context, pkinit_context plgctx) argument 1342 pkinit_init_client_profile(krb5_context context, pkinit_context plgctx) argument 1451 handle_gic_opt(krb5_context context, struct _pkinit_context *plgctx, const char *attr, const char *value) argument 1497 struct _pkinit_context *plgctx = (struct _pkinit_context *)plugin_context; local [all...] |
H A D | pkinit_srv.c | 88 (krb5_context context, pkinit_kdc_context plgctx); 149 pkinit_kdc_context plgctx = NULL; local 157 plgctx = pkinit_find_realm_context(context, pa_plugin_context, 159 if (plgctx == NULL) 167 pkinit_kdc_context plgctx, 180 retval = crypto_retrieve_cert_sans(context, plgctx->cryptoctx, 181 reqctx->cryptoctx, plgctx->idctx, 183 plgctx->opts->allow_upn ? &upns : NULL, 192 retval = call_san_checking_plugins(context, plgctx, reqctx, princs, 287 pkinit_kdc_context plgctx, 166 verify_client_san(krb5_context context, pkinit_kdc_context plgctx, pkinit_kdc_req_context reqctx, krb5_principal client, int *valid_san) argument 286 verify_client_eku(krb5_context context, pkinit_kdc_context plgctx, pkinit_kdc_req_context reqctx, int *eku_accepted) argument 340 pkinit_kdc_context plgctx = NULL; local 705 pkinit_kdc_context plgctx; local 1088 pkinit_fini_kdc_profile(krb5_context context, pkinit_kdc_context plgctx) argument 1097 pkinit_init_kdc_profile(krb5_context context, pkinit_kdc_context plgctx) argument 1219 pkinit_kdc_context plgctx = NULL; local 1289 pkinit_kdc_context plgctx, *realm_contexts = NULL; local 1339 pkinit_server_plugin_fini_realm(krb5_context context, pkinit_kdc_context plgctx) argument [all...] |
H A D | pkinit_crypto_openssl.c | 665 pkinit_init_dh_params(pkinit_plg_crypto_context plgctx) argument 669 plgctx->dh_1024 = DH_new(); 670 if (plgctx->dh_1024 == NULL) 672 plgctx->dh_1024->p = BN_bin2bn(pkinit_1024_dhprime, 674 if ((plgctx->dh_1024->g = BN_new()) == NULL || 675 (plgctx->dh_1024->q = BN_new()) == NULL) 677 BN_set_word(plgctx->dh_1024->g, DH_GENERATOR_2); 678 BN_rshift1(plgctx->dh_1024->q, plgctx->dh_1024->p); 680 plgctx 712 pkinit_fini_dh_params(pkinit_plg_crypto_context plgctx) argument 1190 cms_signeddata_verify(krb5_context context, pkinit_plg_crypto_context plgctx, pkinit_req_crypto_context reqctx, pkinit_identity_crypto_context idctx, int cms_msg_type, int require_crl_checking, unsigned char *signed_data, unsigned int signed_data_len, unsigned char **data, unsigned int *data_len, unsigned char **authz_data, unsigned int *authz_data_len) argument 1517 cms_envelopeddata_create(krb5_context context, pkinit_plg_crypto_context plgctx, pkinit_req_crypto_context reqctx, pkinit_identity_crypto_context idctx, krb5_preauthtype pa_type, int include_certchain, unsigned char *key_pack, unsigned int key_pack_len, unsigned char **out, unsigned int *out_len) argument 1811 crypto_retrieve_X509_sans(krb5_context context, pkinit_plg_crypto_context plgctx, pkinit_req_crypto_context reqctx, X509 *cert, krb5_principal **princs_ret, krb5_principal **upn_ret, unsigned char ***dns_ret) argument 1976 crypto_retrieve_cert_sans(krb5_context context, pkinit_plg_crypto_context plgctx, pkinit_req_crypto_context reqctx, pkinit_identity_crypto_context idctx, krb5_principal **princs_ret, krb5_principal **upn_ret, unsigned char ***dns_ret) argument 1998 crypto_check_cert_eku(krb5_context context, pkinit_plg_crypto_context plgctx, pkinit_req_crypto_context reqctx, pkinit_identity_crypto_context idctx, int checking_kdc_cert, int allow_secondary_usage, int *valid_eku) argument [all...] |