From 928c06737ef99b02b0e0b469b9603e4945f59aa5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?=
Date: Mon, 23 Jul 2007 18:33:31 +0000
Subject: [PATCH] Fold in pk-init-alg-agilty.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21677 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/asn1/pkinit.asn1 | 23 ++++++++++++++++++++---
 1 file changed, 20 insertions(+), 3 deletions(-)
diff --git a/lib/asn1/pkinit.asn1 b/lib/asn1/pkinit.asn1
index 1bfc11ad7..989b26581 100644
--- a/lib/asn1/pkinit.asn1
+++ b/lib/asn1/pkinit.asn1
@@ -2,7 +2,7 @@
 PKINIT DEFINITIONS ::= BEGIN
-IMPORTS EncryptionKey, PrincipalName, Realm, KerberosTime, Checksum FROM krb5
+IMPORTS EncryptionKey, PrincipalName, Realm, KerberosTime, Checksum, Ticket FROM krb5
 IssuerAndSerialNumber, ContentInfo FROM cms
 SubjectPublicKeyInfo, AlgorithmIdentifier FROM rfc2459
 heim_any FROM heim;
@@ -40,6 +40,11 @@ td-dh-parameters INTEGER ::= 109
 DHNonce ::= OCTET STRING
+KDFAlgorithmId ::= SEQUENCE {
+ kdf-id [0] OBJECT IDENTIFIER,
+ ...
+}
+
 TrustedCA ::= SEQUENCE {
 caName [0] IMPLICIT OCTET STRING,
 certificateSerialNumber [1] INTEGER OPTIONAL,
@@ -76,6 +81,8 @@ AuthPack ::= SEQUENCE {
 clientPublicValue [1] SubjectPublicKeyInfo OPTIONAL,
 supportedCMSTypes [2] SEQUENCE OF AlgorithmIdentifier OPTIONAL,
 clientDHNonce [3] DHNonce OPTIONAL,
+ ...,
+ supportedKDFs [4] SEQUENCE OF KDFAlgorithmId OPTIONAL,
 ...
 }
@@ -89,10 +96,12 @@ KRB5PrincipalName ::= SEQUENCE {
 AD-INITIAL-VERIFIED-CAS ::= SEQUENCE OF ExternalPrincipalIdentifier
-
 DHRepInfo ::= SEQUENCE {
 dhSignedData [0] IMPLICIT OCTET STRING,
- serverDHNonce [1] DHNonce OPTIONAL
+ serverDHNonce [1] DHNonce OPTIONAL,
+ ...,
+ kdf [2] KDFAlgorithmId OPTIONAL,
+ ...
 }
 PA-PK-AS-REP ::= CHOICE {
@@ -162,4 +171,12 @@ ReplyKeyPack-Win2k ::= SEQUENCE {
 ...
 }
+PkinitSuppPubInfo ::= SEQUENCE {
+ enctype [0] INTEGER (-2147483648..2147483647),
+ as-REQ [1] OCTET STRING,
+ pk-as-rep [2] OCTET STRING,
+ ticket [3] Ticket,
+ ...
+}
+
 END
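Review bot: Both new negotiation fields are OPTIONAL and carry no comment, so the file does not say what absence means or who validates the KDC's choice: `supportedKDFs [4]` in AuthPack (hunk at -76,6) and `kdf [2]` in DHRepInfo (hunk at -89,10). The schema cannot express that the `kdf` in the reply must be one of the OIDs the client offered, so that comparison has to live in the decoding code, which is not visible here; without it a reply naming an unoffered or weaker KDF would presumably be accepted. I would record the contract next to the fields, e.g. `-- kdf MUST be one of the client's supportedKDFs; absent means the original PKINIT KDF --` above `kdf [2]`, with a matching one-line comment on `supportedKDFs`, after confirming that wording against the alg-agility draft. Both SEQUENCE definitions begin outside their hunks.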
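Review bot: `PkinitSuppPubInfo` (last hunk, at -162,4) declares `as-REQ` and `pk-as-rep` as bare OCTET STRINGs with no comment on which bytes they hold. If, as the name suggests, this structure is encoded into the key-derivation input, both peers must supply the exact encodings that went over the wire; re-encoding a decoded message can yield different bytes and either break interoperability or loosen the binding between the exchange and the derived key. I would add comments such as `-- DER encoding of the AS-REQ exactly as sent by the client --` and `-- DER encoding of PA-PK-AS-REP exactly as sent by the KDC --`. One further line should name the draft revision this layout, including `ticket [3]`, was taken from, since the field set of an in-progress draft can change.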