oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

kx509: Add CSR support

Browse Source 
This commit adds support for proof of posession to the kx509 protocol by
using PKCS#10 CSRs.

This allows conveyance of extReq CSR attributes requesting desired
Certificate Extensions.
This commit is contained in:
Nicolas Williams
2019-07-15 23:27:30 -05:00
parent c838abdf1a
commit dfada0ccad
16 changed files with 1690 additions and 457 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
lib/krb5/version-script.map
View File

@@ -432,6 +432,19 @@ HEIMDAL_KRB5_2.0 {
krb5_kt_start_seq_get;
krb5_kuserok;
krb5_kx509;
krb5_kx509_ctx_add_auth_data;
krb5_kx509_ctx_add_eku;
krb5_kx509_ctx_add_san_dns_name;
krb5_kx509_ctx_add_san_ms_upn;
krb5_kx509_ctx_add_san_pkinit;
krb5_kx509_ctx_add_san_registeredID;
krb5_kx509_ctx_add_san_rfc822Name;
krb5_kx509_ctx_add_san_xmpp;
krb5_kx509_ctx_free;
krb5_kx509_ctx_init;
krb5_kx509_ctx_set_csr_der;
krb5_kx509_ctx_set_key;
krb5_kx509_ctx_set_realm;
krb5_kx509_ext;
krb5_log;
krb5_log_msg;