crypto/heimdal/lib/asn1/setchgpw2.asn1

   1 -- $Id$
   2
   3 SETCHGPW2 DEFINITIONS ::=
   4 BEGIN
   5
   6 IMPORTS PrincipalName, Realm, ENCTYPE FROM krb5;
   7
   8 ProtocolErrorCode ::= ENUMERATED {
   9         generic-error(0),
  10         unsupported-major-version(1),
  11         unsupported-minor-version(2),
  12         unsupported-operation(3),
  13         authorization-failed(4),
  14         initial-ticket-required(5),
  15         target-principal-unknown(6),
  16         ...
  17 }
  18
  19 Key     ::= SEQUENCE {
  20         enc-type[0]     INTEGER,
  21         key[1]          OCTET STRING,
  22         ...
  23 }
  24
  25 Language-Tag    ::= UTF8String    -- Constrained by RFC3066
  26
  27 LangTaggedText  ::= SEQUENCE {
  28         language[0]     Language-Tag OPTIONAL,
  29         text[1]         UTF8String,
  30         ...
  31 }
  32
  33 -- NULL Op
  34
  35 Req-null ::= NULL
  36 Rep-null ::= NULL
  37 Err-null ::= NULL
  38
  39 -- Change password
  40 Req-change-pw ::= SEQUENCE {
  41         old-pw[0]       UTF8String,
  42         new-pw[1]       UTF8String OPTIONAL,
  43         etypes[2]       SEQUENCE OF ENCTYPE OPTIONAL,
  44         ...
  45 }
  46
  47 Rep-change-pw ::= SEQUENCE {
  48         info-text[0]    UTF8String OPTIONAL,
  49         new-pw[1]       UTF8String OPTIONAL,
  50         etypes[2]       SEQUENCE OF ENCTYPE OPTIONAL
  51 }
  52
  53 Err-change-pw ::= SEQUENCE {
  54         help-text[0]            UTF8String OPTIONAL,
  55         code[1]                 ENUMERATED {
  56                 generic(0),
  57                 wont-generate-new-pw(1),
  58                 old-pw-incorrect(2),
  59                 new-pw-rejected-geneneric(3),
  60                 pw-change-too-short(4),
  61                 ...
  62         },
  63         suggested-new-pw[2]     UTF8String OPTIONAL,
  64         ...
  65 }
  66
  67 -- Change/Set keys
  68 Req-set-keys ::= SEQUENCE {
  69         etypes[0]       SEQUENCE OF ENCTYPE,
  70         entropy[1]      OCTET STRING,
  71         ...
  72 }
  73
  74 Rep-set-keys ::= SEQUENCE {
  75         info-text[0]            UTF8String OPTIONAL,
  76         kvno[1]                 INTEGER,
  77         keys[2]                 SEQUENCE OF Key,
  78         aliases[3]      SEQUENCE OF SEQUENCE {
  79                 name[0] PrincipalName,
  80                 realm[1] Realm OPTIONAL,
  81                 ...
  82         },
  83         ...
  84 }
  85
  86 Err-set-keys ::= SEQUENCE {
  87         help-text[0]            UTF8String OPTIONAL,
  88         enctypes[1]             SEQUENCE OF ENCTYPE OPTIONAL,
  89         code[1]         ENUMERATED {
  90                 etype-no-support(0),
  91                 ...
  92         },
  93         ...
  94 }
  95
  96 -- Get password policy
  97 Req-get-pw-policy ::= NULL
  98
  99 Rep-get-pw-policy ::= SEQUENCE {
 100         help-text[0]            UTF8String OPTIONAL,
 101         policy-name[1]          UTF8String OPTIONAL,
 102         description[2]          UTF8String OPTIONAL,
 103         ...
 104 }
 105
 106 Err-get-pw-policy ::= NULL
 107
 108 -- Get principal aliases
 109 Req-get-princ-aliases ::= NULL
 110
 111 Rep-get-princ-aliases ::= SEQUENCE {
 112         help-text[0]            UTF8String OPTIONAL,
 113         aliases[1]      SEQUENCE OF SEQUENCE {
 114                 name[0]         PrincipalName,
 115                 realm[1]        Realm OPTIONAL,
 116                 ...
 117         } OPTIONAL,
 118         ...
 119 }
 120
 121 Err-get-princ-aliases ::= NULL
 122
 123 -- Get list of encryption types supported by KDC for new types
 124 Req-get-supported-etypes ::= NULL
 125
 126 Rep-get-supported-etypes ::= SEQUENCE OF ENCTYPE
 127
 128 Err-get-supported-etypes ::= NULL
 129
 130 -- Choice switch
 131
 132 Op-req ::= CHOICE {
 133         null[0]                 Req-null,
 134         change-pw[1]            Req-change-pw,
 135         set-keys[2]             Req-set-keys,
 136         get-pw-policy[3]        Req-get-pw-policy,
 137         get-princ-aliases[4]    Req-get-princ-aliases,
 138         get-supported-etypes[5] Req-get-supported-etypes,
 139         ...
 140 }
 141
 142 Op-rep ::= CHOICE {
 143         null[0]                 Rep-null,
 144         change-pw[1]            Rep-change-pw,
 145         set-keys[2]             Rep-set-keys,
 146         get-pw-policy[3]        Rep-get-pw-policy,
 147         get-princ-aliases[4]    Rep-get-princ-aliases,
 148         get-supported-etypes[5] Rep-get-supported-etypes,
 149         ...
 150 }
 151
 152 Op-error ::= CHOICE {
 153         null[0]                 Err-null,
 154         change-pw[1]            Err-change-pw,
 155         set-keys[2]             Err-set-keys,
 156         get-pw-policy[3]        Err-get-pw-policy,
 157         get-princ-aliases[4]    Err-get-princ-aliases,
 158         get-supported-etypes[5] Err-get-supported-etypes,
 159         ...
 160 }
 161
 162
 163 Request ::= [ APPLICATION 0 ] SEQUENCE {
 164         pvno-major[0]   INTEGER DEFAULT 2,
 165         pvno-minor[1]   INTEGER DEFAULT 0,
 166         languages[2]    SEQUENCE OF Language-Tag OPTIONAL,
 167         targ-name[3]    PrincipalName OPTIONAL,
 168         targ-realm[4]   Realm OPTIONAL,
 169         operation[5]    Op-Req,
 170         ...
 171 }
 172
 173 Response ::= [ APPLICATION 1 ] SEQUENCE {
 174         pvno-major[0]   INTEGER DEFAULT 2,
 175         pvno-minor[1]   INTEGER DEFAULT 0,
 176         language[2]     Language-Tag DEFAULT "i-default",
 177         result[3]       Op-rep OPTIONAL,
 178         ...
 179 }
 180
 181 Error-Response ::= [ APPLICATION 2 ] SEQUENCE {
 182         pvno-major[0]   INTEGER DEFAULT 2,
 183         pvno-minor[1]   INTEGER DEFAULT 0,
 184         language[2]     Language-Tag DEFAULT "i-default",
 185         error-code[3]   ProtocolErrorCode,
 186         help-text[4]    UTF8String OPTIONAL,
 187         op-error[5]     Op-error OP-ERROR,
 188         ...
 189 }
 190
 191 END
 192
 193 -- etags -r '/\([A-Za-z][-A-Za-z0-9]*\).*::=/\1/' setchgpw2.asn1