1-- $Id$ 2 3SETCHGPW2 DEFINITIONS ::= 4BEGIN 5 6IMPORTS PrincipalName, Realm, ENCTYPE FROM krb5; 7 8ProtocolErrorCode ::= ENUMERATED { 9 generic-error(0), 10 unsupported-major-version(1), 11 unsupported-minor-version(2), 12 unsupported-operation(3), 13 authorization-failed(4), 14 initial-ticket-required(5), 15 target-principal-unknown(6), 16 ... 17} 18 19Key ::= SEQUENCE { 20 enc-type[0] INTEGER, 21 key[1] OCTET STRING, 22 ... 23} 24 25Language-Tag ::= UTF8String -- Constrained by RFC3066 26 27LangTaggedText ::= SEQUENCE { 28 language[0] Language-Tag OPTIONAL, 29 text[1] UTF8String, 30 ... 31} 32 33-- NULL Op 34 35Req-null ::= NULL 36Rep-null ::= NULL 37Err-null ::= NULL 38 39-- Change password 40Req-change-pw ::= SEQUENCE { 41 old-pw[0] UTF8String, 42 new-pw[1] UTF8String OPTIONAL, 43 etypes[2] SEQUENCE OF ENCTYPE OPTIONAL, 44 ... 45} 46 47Rep-change-pw ::= SEQUENCE { 48 info-text[0] UTF8String OPTIONAL, 49 new-pw[1] UTF8String OPTIONAL, 50 etypes[2] SEQUENCE OF ENCTYPE OPTIONAL 51} 52 53Err-change-pw ::= SEQUENCE { 54 help-text[0] UTF8String OPTIONAL, 55 code[1] ENUMERATED { 56 generic(0), 57 wont-generate-new-pw(1), 58 old-pw-incorrect(2), 59 new-pw-rejected-geneneric(3), 60 pw-change-too-short(4), 61 ... 62 }, 63 suggested-new-pw[2] UTF8String OPTIONAL, 64 ... 65} 66 67-- Change/Set keys 68Req-set-keys ::= SEQUENCE { 69 etypes[0] SEQUENCE OF ENCTYPE, 70 entropy[1] OCTET STRING, 71 ... 72} 73 74Rep-set-keys ::= SEQUENCE { 75 info-text[0] UTF8String OPTIONAL, 76 kvno[1] INTEGER, 77 keys[2] SEQUENCE OF Key, 78 aliases[3] SEQUENCE OF SEQUENCE { 79 name[0] PrincipalName, 80 realm[1] Realm OPTIONAL, 81 ... 82 }, 83 ... 84} 85 86Err-set-keys ::= SEQUENCE { 87 help-text[0] UTF8String OPTIONAL, 88 enctypes[1] SEQUENCE OF ENCTYPE OPTIONAL, 89 code[1] ENUMERATED { 90 etype-no-support(0), 91 ... 92 }, 93 ... 94} 95 96-- Get password policy 97Req-get-pw-policy ::= NULL 98 99Rep-get-pw-policy ::= SEQUENCE { 100 help-text[0] UTF8String OPTIONAL, 101 policy-name[1] UTF8String OPTIONAL, 102 description[2] UTF8String OPTIONAL, 103 ... 104} 105 106Err-get-pw-policy ::= NULL 107 108-- Get principal aliases 109Req-get-princ-aliases ::= NULL 110 111Rep-get-princ-aliases ::= SEQUENCE { 112 help-text[0] UTF8String OPTIONAL, 113 aliases[1] SEQUENCE OF SEQUENCE { 114 name[0] PrincipalName, 115 realm[1] Realm OPTIONAL, 116 ... 117 } OPTIONAL, 118 ... 119} 120 121Err-get-princ-aliases ::= NULL 122 123-- Get list of encryption types supported by KDC for new types 124Req-get-supported-etypes ::= NULL 125 126Rep-get-supported-etypes ::= SEQUENCE OF ENCTYPE 127 128Err-get-supported-etypes ::= NULL 129 130-- Choice switch 131 132Op-req ::= CHOICE { 133 null[0] Req-null, 134 change-pw[1] Req-change-pw, 135 set-keys[2] Req-set-keys, 136 get-pw-policy[3] Req-get-pw-policy, 137 get-princ-aliases[4] Req-get-princ-aliases, 138 get-supported-etypes[5] Req-get-supported-etypes, 139 ... 140} 141 142Op-rep ::= CHOICE { 143 null[0] Rep-null, 144 change-pw[1] Rep-change-pw, 145 set-keys[2] Rep-set-keys, 146 get-pw-policy[3] Rep-get-pw-policy, 147 get-princ-aliases[4] Rep-get-princ-aliases, 148 get-supported-etypes[5] Rep-get-supported-etypes, 149 ... 150} 151 152Op-error ::= CHOICE { 153 null[0] Err-null, 154 change-pw[1] Err-change-pw, 155 set-keys[2] Err-set-keys, 156 get-pw-policy[3] Err-get-pw-policy, 157 get-princ-aliases[4] Err-get-princ-aliases, 158 get-supported-etypes[5] Err-get-supported-etypes, 159 ... 160} 161 162 163Request ::= [ APPLICATION 0 ] SEQUENCE { 164 pvno-major[0] INTEGER DEFAULT 2, 165 pvno-minor[1] INTEGER DEFAULT 0, 166 languages[2] SEQUENCE OF Language-Tag OPTIONAL, 167 targ-name[3] PrincipalName OPTIONAL, 168 targ-realm[4] Realm OPTIONAL, 169 operation[5] Op-Req, 170 ... 171} 172 173Response ::= [ APPLICATION 1 ] SEQUENCE { 174 pvno-major[0] INTEGER DEFAULT 2, 175 pvno-minor[1] INTEGER DEFAULT 0, 176 language[2] Language-Tag DEFAULT "i-default", 177 result[3] Op-rep OPTIONAL, 178 ... 179} 180 181Error-Response ::= [ APPLICATION 2 ] SEQUENCE { 182 pvno-major[0] INTEGER DEFAULT 2, 183 pvno-minor[1] INTEGER DEFAULT 0, 184 language[2] Language-Tag DEFAULT "i-default", 185 error-code[3] ProtocolErrorCode, 186 help-text[4] UTF8String OPTIONAL, 187 op-error[5] Op-error OP-ERROR, 188 ... 189} 190 191END 192 193-- etags -r '/\([A-Za-z][-A-Za-z0-9]*\).*::=/\1/' setchgpw2.asn1 194