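-- $Id: hdb.asn1,v 1.8 2000/06/19 15:22:22 joda Exp $
--
-- HDB: ASN.1 schema of one principal record (hdb_entry) and its helper
-- types. EncryptionKey, KerberosTime and Principal come from the krb5
-- module; everything else is defined here.
--
-- Repair note: the line-number gutter that the code browser had fused onto
-- the start of every line has been stripped, so the module parses again.
-- No definition, tag or value was changed.
HDB DEFINITIONS ::=
BEGIN

IMPORTS EncryptionKey, KerberosTime, Principal FROM krb5;

HDB_DB_FORMAT INTEGER ::= 2	-- format of database,
				-- update when making changes

-- Salt type identifiers.
-- NOTE(review): presumably these are the values stored in Salt.type;
-- confirm against the code that fills in Salt.
-- these should have the same value as the pa-* counterparts
hdb-pw-salt	INTEGER	::= 3
hdb-afs3-salt	INTEGER	::= 10

-- Salt: a salt type tag plus the raw salt octets. Referenced only by
-- Key.salt in this module.
Salt ::= SEQUENCE {
	type[0]		INTEGER,
	salt[1]		OCTET STRING
}

-- Key: one stored key of a principal, with an optional master key version
-- number and an optional salt.
-- Each Key carries long-term key material, so database files, dumps and
-- backups produced from this schema need the same protection as the KDC.
-- NOTE(review): mkvno presumably names the master key that wraps `key`,
-- and an absent mkvno presumably means the key is stored unwrapped;
-- confirm against the hdb key sealing code before relying on either.
Key ::= SEQUENCE {
	mkvno[0]	INTEGER OPTIONAL,	-- master key version number
	key[1]		EncryptionKey,
	salt[2]		Salt OPTIONAL
}

-- Event: a timestamp and, optionally, a principal. Used by the
-- created-by and modified-by fields of hdb_entry.
-- NOTE(review): `principal` presumably records who performed the action;
-- because it is OPTIONAL, a record can exist with no actor attached.
Event ::= SEQUENCE {
	time[0]		KerberosTime,
	principal[1]	Principal OPTIONAL
}

-- HDBFlags: per-principal policy bits.
-- The bit positions are part of the stored encoding: renumbering or
-- reusing a position changes the meaning of every existing record, so new
-- flags should only be appended (and see HDB_DB_FORMAT above).
-- NOTE(review): several bits gate authentication policy. In particular, a
-- client entry without require-preauth can be sent an AS reply before it
-- has proven knowledge of its key, which leaves password-derived keys
-- open to offline guessing; auditing for entries that lack the bit is a
-- common hardening check. Enforcement happens in the KDC, not in this
-- schema; confirm there.
HDBFlags ::= BIT STRING {
	initial(0),		-- require as-req
	forwardable(1),		-- may issue forwardable
	proxiable(2),		-- may issue proxiable
	renewable(3),		-- may issue renewable
	postdate(4),		-- may issue postdatable
	server(5),		-- may be server
	client(6),		-- may be client
	invalid(7),		-- entry is invalid
	require-preauth(8),	-- must use preauth
	change-pw(9),		-- change password service
	require-hwauth(10),	-- must use hwauth
	ok-as-delegate(11),	-- as in TicketFlags
	user-to-user(12),	-- may use user-to-user auth
	immutable(13)		-- may not be deleted
}

-- hdb_entry: the record stored for one principal.
--   kvno, keys, created-by and flags are mandatory; all other fields are
--   OPTIONAL, so a consumer must handle their absence explicitly.
--   valid-start, valid-end and pw-end are KerberosTime values.
--   NOTE(review): they presumably bound the validity of the account and of
--   its password; what an absent value means (no limit?) is decided by the
--   KDC, not by this schema. Confirm there.
--   NOTE(review): max-life and max-renew are plain INTEGERs; the unit is
--   presumably seconds. Confirm against the KDC.
--   NOTE(review): etypes is presumably a list of encryption type numbers
--   for the principal; nothing in this module constrains its contents.
hdb_entry ::= SEQUENCE {
	principal[0]	Principal  OPTIONAL, -- this is optional only
					     -- for compatibility with libkrb5
	kvno[1]		INTEGER,
	keys[2]		SEQUENCE OF Key,
	created-by[3]	Event,
	modified-by[4]	Event OPTIONAL,
	valid-start[5]	KerberosTime OPTIONAL,
	valid-end[6]	KerberosTime OPTIONAL,
	pw-end[7]	KerberosTime OPTIONAL,
	max-life[8]	INTEGER OPTIONAL,
	max-renew[9]	INTEGER OPTIONAL,
	flags[10]	HDBFlags,
	etypes[11]	SEQUENCE OF INTEGER OPTIONAL
}

END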