xref: /freebsd/crypto/heimdal/lib/gssapi/spnego/spnego.asn1 (revision e8d8bef961a50d4dc22501cde4fb9fb0be1b2532)
1-- $Id$
2
3SPNEGO DEFINITIONS ::=
4BEGIN
5
6MechType::= OBJECT IDENTIFIER
7
8MechTypeList ::= SEQUENCE OF MechType
9
10ContextFlags ::= BIT STRING {
11    delegFlag       (0),
12    mutualFlag      (1),
13    replayFlag      (2),
14    sequenceFlag    (3),
15    anonFlag        (4),
16    confFlag        (5),
17    integFlag       (6)
18}
19
20NegHints ::= SEQUENCE {
21    hintName       [0]  GeneralString	OPTIONAL,
22    hintAddress    [1]  OCTET STRING	OPTIONAL
23}
24
25NegTokenInitWin ::= SEQUENCE {
26    mechTypes       [0] MechTypeList,
27    reqFlags        [1] ContextFlags   OPTIONAL,
28    mechToken       [2] OCTET STRING   OPTIONAL,
29    negHints        [3] NegHints       OPTIONAL
30}
31
32NegTokenInit ::= SEQUENCE {
33    mechTypes       [0] MechTypeList,
34    reqFlags        [1] ContextFlags   OPTIONAL,
35    mechToken       [2] OCTET STRING   OPTIONAL,
36    mechListMIC	    [3] OCTET STRING   OPTIONAL,
37    ...
38}
39
40-- NB: negResult is not OPTIONAL in the new SPNEGO spec but
41-- Windows clients do not always send it
42NegTokenResp ::= SEQUENCE {
43    negResult      [0] ENUMERATED {
44                            accept_completed    (0),
45                            accept_incomplete   (1),
46                            reject              (2),
47                            request-mic         (3) }          OPTIONAL,
48    supportedMech  [1] MechType                                OPTIONAL,
49    responseToken  [2] OCTET STRING                            OPTIONAL,
50    mechListMIC    [3] OCTET STRING                            OPTIONAL,
51    ...
52}
53
54NegotiationToken ::= CHOICE {
55	negTokenInit[0]		NegTokenInit,
56	negTokenResp[1]		NegTokenResp
57}
58
59NegotiationTokenWin ::= CHOICE {
60	negTokenInit[0]		NegTokenInitWin
61}
62
63END
64