/osnet-11/usr/src/lib/krb5/plugins/preauth/pkinit/ |
H A D | pkinit_crypto_openssl.h | 133 pkinit_plg_crypto_context plgctx; member in struct:_pkinit_cert_data 143 pkinit_plg_crypto_context plgctx; member in struct:_pkinit_cert_iter_data
|
H A D | pkinit_clnt.c | 64 pkinit_as_req_create(krb5_context context, pkinit_context plgctx, 72 pkinit_as_rep_parse(krb5_context context, pkinit_context plgctx, 81 pkinit_context plgctx, 111 retval = pkinit_get_kdc_cert(context, plgctx->cryptoctx, reqctx->cryptoctx, 145 retval = pkinit_as_req_create(context, plgctx, reqctx, ctsec, cusec, 219 pkinit_context plgctx, 272 retval = create_krb5_supportedCMSTypes(context, plgctx->cryptoctx, 295 if ((retval = client_create_dh(context, plgctx->cryptoctx, 355 retval = cms_contentinfo_create(context, plgctx->cryptoctx, 363 retval = cms_signeddata_create(context, plgctx 80 pa_pkinit_gen_req(krb5_context context, pkinit_context plgctx, pkinit_req_context reqctx, krb5_kdc_req * request, krb5_pa_data * in_padata, krb5_pa_data *** out_padata, krb5_prompter_fct prompter, void *prompter_data, krb5_get_init_creds_opt *gic_opt) argument 218 pkinit_as_req_create(krb5_context context, pkinit_context plgctx, pkinit_req_context reqctx, krb5_timestamp ctsec, krb5_int32 cusec, krb5_ui_4 nonce, const krb5_checksum * cksum, krb5_principal client, krb5_principal server, krb5_data ** as_req) argument 460 pa_pkinit_parse_rep(krb5_context context, pkinit_context plgctx, pkinit_req_context reqctx, krb5_kdc_req * request, krb5_pa_data * in_padata, krb5_enctype etype, krb5_keyblock * as_key, krb5_data *encoded_request) argument 502 verify_kdc_san(krb5_context context, pkinit_context plgctx, pkinit_req_context reqctx, krb5_principal kdcprinc, int *valid_san, int *need_eku_checking) argument 616 verify_kdc_eku(krb5_context context, pkinit_context plgctx, pkinit_req_context reqctx, int *eku_accepted) argument 654 pkinit_as_rep_parse(krb5_context context, pkinit_context plgctx, pkinit_req_context reqctx, krb5_preauthtype pa_type, krb5_kdc_req *request, const krb5_data *as_rep, krb5_keyblock *key_block, krb5_enctype etype, krb5_data *encoded_request) argument 905 pkinit_client_profile(krb5_context context, pkinit_context plgctx, pkinit_req_context reqctx, const krb5_data *realm) argument 1005 pkinit_context plgctx = (pkinit_context)plugin_context; local 1118 pkinit_context plgctx = (pkinit_context)plugin_context; local 1222 pkinit_context plgctx = plugin_context; local 1407 handle_gic_opt(krb5_context context, pkinit_context plgctx, const char *attr, const char *value) argument 1452 pkinit_context plgctx = plugin_context; local [all...] |
H A D | pkinit_srv.c | 57 pkinit_kdc_context plgctx); 115 pkinit_kdc_context plgctx = NULL; local 133 plgctx = pkinit_find_realm_context(context, pa_plugin_context, 135 if (plgctx == NULL) 143 pkinit_kdc_context plgctx, 156 retval = crypto_retrieve_cert_sans(context, plgctx->cryptoctx, 157 reqctx->cryptoctx, plgctx->idctx, 159 plgctx->opts->allow_upn ? &upns : NULL, 168 retval = call_san_checking_plugins(context, plgctx, reqctx, princs, 263 pkinit_kdc_context plgctx, 142 verify_client_san(krb5_context context, pkinit_kdc_context plgctx, pkinit_kdc_req_context reqctx, krb5_principal client, int *valid_san) argument 262 verify_client_eku(krb5_context context, pkinit_kdc_context plgctx, pkinit_kdc_req_context reqctx, int *eku_accepted) argument 314 pkinit_kdc_context plgctx = NULL; local 704 pkinit_kdc_context plgctx; local 1096 pkinit_fini_kdc_profile(krb5_context context, pkinit_kdc_context plgctx) argument 1105 pkinit_init_kdc_profile(krb5_context context, pkinit_kdc_context plgctx) argument 1225 pkinit_kdc_context plgctx = NULL; local 1295 pkinit_kdc_context plgctx, *realm_contexts = NULL; local 1343 pkinit_server_plugin_fini_realm(krb5_context context, pkinit_kdc_context plgctx) argument [all...] |
H A D | pkinit_crypto_openssl.c | 701 pkinit_init_dh_params(pkinit_plg_crypto_context plgctx) argument 705 plgctx->dh_1024 = DH_new(); 706 if (plgctx->dh_1024 == NULL) 708 plgctx->dh_1024->p = BN_bin2bn(pkinit_1024_dhprime, 710 if ((plgctx->dh_1024->g = BN_new()) == NULL || 711 (plgctx->dh_1024->q = BN_new()) == NULL) 713 BN_set_word(plgctx->dh_1024->g, DH_GENERATOR_2); 714 BN_rshift1(plgctx->dh_1024->q, plgctx->dh_1024->p); 716 plgctx 748 pkinit_fini_dh_params(pkinit_plg_crypto_context plgctx) argument 1322 cms_signeddata_verify(krb5_context context, pkinit_plg_crypto_context plgctx, pkinit_req_crypto_context reqctx, pkinit_identity_crypto_context idctx, int cms_msg_type, int require_crl_checking, unsigned char *signed_data, unsigned int signed_data_len, unsigned char **data, unsigned int *data_len, unsigned char **authz_data, unsigned int *authz_data_len, int *is_signed) argument 1696 cms_envelopeddata_create(krb5_context context, pkinit_plg_crypto_context plgctx, pkinit_req_crypto_context reqctx, pkinit_identity_crypto_context idctx, krb5_preauthtype pa_type, int include_certchain, unsigned char *key_pack, unsigned int key_pack_len, unsigned char **out, unsigned int *out_len) argument 1990 crypto_retrieve_X509_sans(krb5_context context, pkinit_plg_crypto_context plgctx, pkinit_req_crypto_context reqctx, X509 *cert, krb5_principal **princs_ret, krb5_principal **upn_ret, unsigned char ***dns_ret) argument 2155 crypto_retrieve_cert_sans(krb5_context context, pkinit_plg_crypto_context plgctx, pkinit_req_crypto_context reqctx, pkinit_identity_crypto_context idctx, krb5_principal **princs_ret, krb5_principal **upn_ret, unsigned char ***dns_ret) argument 2177 crypto_check_cert_eku(krb5_context context, pkinit_plg_crypto_context plgctx, pkinit_req_crypto_context reqctx, pkinit_identity_crypto_context idctx, int checking_kdc_cert, int allow_secondary_usage, int *valid_eku) argument [all...] |