94 * Solaris Kerberos:
95 * If PKCS#11 is already being used by the process then C_Finalize should
96 * not be called by pkinit as it would invalidate any PKCS#11 sessions the
97 * process was using prior to loading the pkinit plugin. "finalize_pkcs11"
98 * indicates whether or not C_Finalize should be called by pkinit.
99 */
100 krb5_boolean finalize_pkcs11;
101 #endif
102 };
103
104 /* Solaris Kerberos: need to know if login was done */
105 #define C_LOGIN_DONE 0x1 /* The session is logged in. */
106 #define C_PROMPTED_USER 0x2 /* The user was prompted for token. */
107 #define C_SKIP_PKCS11_AUTH 0x4 /* User does not want to do PKCS11 auth */
108
109 struct _pkinit_plg_crypto_context {
110 DH *dh_1024;
111 DH *dh_2048;
112 DH *dh_4096;
113 ASN1_OBJECT *id_pkinit_authData;
114 ASN1_OBJECT *id_pkinit_authData9;
115 ASN1_OBJECT *id_pkinit_DHKeyData;
116 ASN1_OBJECT *id_pkinit_rkeyData;
117 ASN1_OBJECT *id_pkinit_san;
118 ASN1_OBJECT *id_ms_san_upn;
119 ASN1_OBJECT *id_pkinit_KPClientAuth;
120 ASN1_OBJECT *id_pkinit_KPKdc;
121 ASN1_OBJECT *id_ms_kp_sc_logon;
122 ASN1_OBJECT *id_kp_serverAuth;
123 };
124
125 struct _pkinit_req_crypto_context {
126 X509 *received_cert;
127 DH *dh;
128 };
129
130 #define CERT_MAGIC 0x53534c43
131 struct _pkinit_cert_data {
132 unsigned int magic;
133 pkinit_plg_crypto_context plgctx;
134 pkinit_req_crypto_context reqctx;
|
94 * Solaris Kerberos:
95 * If PKCS#11 is already being used by the process then C_Finalize should
96 * not be called by pkinit as it would invalidate any PKCS#11 sessions the
97 * process was using prior to loading the pkinit plugin. "finalize_pkcs11"
98 * indicates whether or not C_Finalize should be called by pkinit.
99 */
100 krb5_boolean finalize_pkcs11;
101 #endif
102 };
103
104 /* Solaris Kerberos: need to know if login was done */
105 #define C_LOGIN_DONE 0x1 /* The session is logged in. */
106 #define C_PROMPTED_USER 0x2 /* The user was prompted for token. */
107 #define C_SKIP_PKCS11_AUTH 0x4 /* User does not want to do PKCS11 auth */
108
109 struct _pkinit_plg_crypto_context {
110 DH *dh_1024;
111 DH *dh_2048;
112 DH *dh_4096;
113 ASN1_OBJECT *id_pkinit_authData;
114 ASN1_OBJECT *id_pkinit_DHKeyData;
115 ASN1_OBJECT *id_pkinit_rkeyData;
116 ASN1_OBJECT *id_pkinit_san;
117 ASN1_OBJECT *id_ms_san_upn;
118 ASN1_OBJECT *id_pkinit_KPClientAuth;
119 ASN1_OBJECT *id_pkinit_KPKdc;
120 ASN1_OBJECT *id_ms_kp_sc_logon;
121 ASN1_OBJECT *id_kp_serverAuth;
122 };
123
124 struct _pkinit_req_crypto_context {
125 X509 *received_cert;
126 DH *dh;
127 };
128
129 #define CERT_MAGIC 0x53534c43
130 struct _pkinit_cert_data {
131 unsigned int magic;
132 pkinit_plg_crypto_context plgctx;
133 pkinit_req_crypto_context reqctx;
|