Lines Matching +defs:diff +defs:id
64 struct krb5_pk_identity *id;
211 struct krb5_pk_identity *id,
217 if (id->cert == NULL)
226 id->cert,
229 id->certpool,
244 ExternalPrincipalIdentifier id;
252 memset(&id, 0, sizeof(id));
260 id.subjectName = calloc(1, sizeof(*id.subjectName));
261 if (id.subjectName == NULL) {
263 free_ExternalPrincipalIdentifier(&id);
267 ret = hx509_name_binary(subject, id.subjectName);
270 free_ExternalPrincipalIdentifier(&id);
277 id.issuerAndSerialNumber = calloc(1, sizeof(*id.issuerAndSerialNumber));
278 if (id.issuerAndSerialNumber == NULL) {
279 free_ExternalPrincipalIdentifier(&id);
292 free_ExternalPrincipalIdentifier(&id);
299 free_ExternalPrincipalIdentifier(&id);
306 free_ExternalPrincipalIdentifier(&id);
311 id.issuerAndSerialNumber->data,
312 id.issuerAndSerialNumber->length,
316 free_ExternalPrincipalIdentifier(&id);
319 if (id.issuerAndSerialNumber->length != size)
323 id.subjectKeyIdentifier = NULL;
327 free_ExternalPrincipalIdentifier(&id);
332 ids->val[ids->len] = id;
598 ctx->id->cert,
713 ret = create_signature(context, oid, &buf, ctx->id,
759 ctx->id->anchors, req.trustedCertifiers);
810 if (ctx->id->cert == NULL && ctx->anonymous == 0) {
869 if (ctx->id->flags & PKINIT_BTMM) {
882 struct krb5_pk_identity *id,
893 if (id->flags & PKINIT_BTMM) {
902 id->verify_ctx,
907 id->certpool,
1170 ctx->id->certs,
1233 ctx->id,
1322 ctx->id,
1426 size_t diff = size - dh_gen_keylen;
1427 memmove(dh_gen_key + diff, dh_gen_key, dh_gen_keylen);
1428 memset(dh_gen_key, 0, diff);
1752 if (ctx->id->cert)
1753 hx509_cert_free(ctx->id->cert);
1755 ctx->id->cert = hx509_cert_ref(cert);
1757 if (ctx->id->certs)
1758 hx509_certs_free(&ctx->id->certs);
1761 if (ctx->id->cert) {
1762 ret = hx509_certs_init(context->hx509ctx, "MEMORY:pkinit-set-user-id",
1763 0, NULL, &ctx->id->certs);
1766 hx509_certs_add(context->hx509ctx, ctx->id->certs, cert);
1769 if (ctx->id->cert && _krb5_have_debug(context, 2)) {
1774 ret = hx509_cert_get_subject(ctx->id->cert, &name);
1783 ret = hx509_cert_get_serialnumber(ctx->id->cert, &i);
1815 if (ctx->id->certs)
1816 hx509_certs_free(&ctx->id->certs);
1817 if (ctx->id->cert) {
1818 hx509_cert_free(ctx->id->cert);
1819 ctx->id->cert = NULL;
1823 hx509_certs_merge(context->hx509ctx, ctx->id->certpool, c);
1825 ctx->id->certs = c;
1838 ret = _krb5_pk_find_cert(context, (ctx->id->flags & PKINIT_BTMM) ? 1 : 0,
1839 ctx->id->certs, q, &cert);
1861 struct krb5_pk_identity *id = NULL;
1875 id = calloc(1, sizeof(*id));
1876 if (id == NULL) {
1906 ret = hx509_certs_init(context->hx509ctx, user_id, 0, lock, &id->certs);
1914 id->certs = NULL;
1917 ret = hx509_certs_init(context->hx509ctx, anchor_id, 0, NULL, &id->anchors);
1925 0, NULL, &id->certpool);
1933 ret = hx509_certs_append(context->hx509ctx, id->certpool,
1943 ret = hx509_revoke_init(context->hx509ctx, &id->revokectx);
1952 id->revokectx,
1964 ret = hx509_verify_init_ctx(context->hx509ctx, &id->verify_ctx);
1971 hx509_verify_attach_anchors(id->verify_ctx, id->anchors);
1972 hx509_verify_attach_revoke(id->verify_ctx, id->revokectx);
1976 hx509_verify_destroy_ctx(id->verify_ctx);
1977 hx509_certs_free(&id->certs);
1978 hx509_certs_free(&id->anchors);
1979 hx509_certs_free(&id->certpool);
1980 hx509_revoke_free(&id->revokectx);
1981 free(id);
1983 *ret_id = id;
2319 if (ctx->id) {
2320 hx509_verify_destroy_ctx(ctx->id->verify_ctx);
2321 hx509_certs_free(&ctx->id->certs);
2322 hx509_cert_free(ctx->id->cert);
2323 hx509_certs_free(&ctx->id->anchors);
2324 hx509_certs_free(&ctx->id->certpool);
2332 free(ctx->id);
2333 ctx->id = NULL;
2419 &opt->opt_private->pk_init_ctx->id,
2433 opt->opt_private->pk_init_ctx->id->flags |= PKINIT_BTMM;
2436 opt->opt_private->pk_init_ctx->id->flags |= PKINIT_BTMM;
2438 if (opt->opt_private->pk_init_ctx->id->certs) {
2442 opt->opt_private->pk_init_ctx->id->certs);
2444 opt->opt_private->pk_init_ctx->id->cert = NULL;
2448 hx509_cert cert = opt->opt_private->pk_init_ctx->id->cert;
2469 if (opt->opt_private->pk_init_ctx->id->certs == NULL) {
2588 krb5_set_error_message(context, ENOENT, "no user id");