OpenBSD-4.6/kerberosV/src/lib/asn1/pkinit.asn1

PKINIT DEFINITIONS ::= BEGIN

IMPORTS  EncryptionKey, PrincipalName, Realm, KerberosTime, TypedData 
	FROM krb5;
IMPORTS SignedData, EnvelopedData FROM CMS;
IMPORTS CertificateSerialNumber, AttributeTypeAndValue, Name FROM X509;


-- 3.1

CertPrincipalName ::= SEQUENCE {
	name-type[0]		INTEGER,
	name-string[1]		SEQUENCE OF UTF8String
}


-- 3.2.2


TrustedCertifiers ::= SEQUENCE OF PrincipalName
				-- X.500 name encoded as a principal name
				-- see Section 3.1
CertificateIndex  ::= INTEGER
				-- 0 = 1st certificate,
				--     (in order of encoding)
				-- 1 = 2nd certificate, etc

PA-PK-AS-REP ::= CHOICE {
				-- PA TYPE 15
	dhSignedData[0]		SignedData,
				-- Defined in CMS and used only with
				-- Diffie-Hellman key exchange (if the
				-- client public value was present in the
				-- request).
				-- This choice MUST be supported
				-- by compliant implementations.
	encKeyPack[1]		EnvelopedData
				-- Defined in CMS
				-- The temporary key is encrypted
				-- using the client public key
				-- key
				-- SignedReplyKeyPack, encrypted
				-- with the temporary key, is also
				-- included.
}



KdcDHKeyInfo ::= SEQUENCE {
				-- used only when utilizing Diffie-Hellman
	nonce[0]		INTEGER,
				-- binds responce to the request
	subjectPublicKey[2]	BIT STRING
				-- Equals public exponent (g^a mod p)
				-- INTEGER encoded as payload of
				-- BIT STRING
}

ReplyKeyPack ::= SEQUENCE {
				-- not used for Diffie-Hellman
	replyKey[0]		EncryptionKey,
				-- used to encrypt main reply
				-- ENCTYPE is at least as strong as
				-- ENCTYPE of session key
	nonce[1]		INTEGER
				-- binds response to the request
				-- must be same as the nonce
				-- passed in the PKAuthenticator
}

-- subjectAltName EXTENSION ::= {
-- 	SYNTAX GeneralNames
-- 	IDENTIFIED BY id-ce-subjectAltName
-- }

OtherName ::= SEQUENCE {
	type-id			OBJECT IDENTIFIER,
	value[0]		OCTET STRING
--	value[0] EXPLICIT ANY DEFINED BY type-id
}

GeneralName ::= CHOICE {
	otherName       [0] OtherName,
	...
}

GeneralNames ::= SEQUENCE -- SIZE(1..MAX)
	OF GeneralName

KerberosName ::= SEQUENCE {
	realm[0]		Realm,
				-- as defined in RFC 1510
	principalName[1]	CertPrincipalName
				-- defined above
}


-- krb5 OBJECT IDENTIFIER ::= {
-- 	iso (1) org (3) dod (6) internet (1) security (5) kerberosv5 (2)
-- }

-- krb5PrincipalName OBJECT IDENTIFIER ::= { krb5 2 }

-- 3.2.1


IssuerAndSerialNumber ::= SEQUENCE {
	issuer			Name,
	serialNumber		CertificateSerialNumber
}

TrustedCas ::= CHOICE {
	principalName[0]	KerberosName,
				-- as defined below
	caName[1]		Name,
				-- fully qualified X.500 name
				-- as defined by X.509
	issuerAndSerial[2]	IssuerAndSerialNumber
				-- Since a CA may have a number of
				-- certificates, only one of which
				-- a client trusts
}

PA-PK-AS-REQ ::= SEQUENCE {
	-- PA TYPE 14
	signedAuthPack[0]	SignedData,
				-- defined in CMS [11]
				-- AuthPack (below) defines the data
				-- that is signed
	trustedCertifiers[1]	SEQUENCE OF TrustedCas OPTIONAL,
				-- CAs that the client trusts
	kdcCert[2]		IssuerAndSerialNumber OPTIONAL,
				-- as defined in CMS [11]
				-- specifies a particular KDC
				-- certificate if the client
				-- already has it;
	encryptionCert[3]	IssuerAndSerialNumber OPTIONAL
				-- For example, this may be the
				-- client's Diffie-Hellman
				-- certificate, or it may be the
				-- client's RSA encryption
				-- certificate.
}

PKAuthenticator ::= SEQUENCE {
	kdcName[0]		PrincipalName,
	kdcRealm[1]		Realm,
	cusec[2]		INTEGER,
				-- for replay prevention as in RFC1510
	ctime[3]		KerberosTime,
				-- for replay prevention as in RFC1510
	nonce[4]		INTEGER
}

-- This is the real definition of AlgorithmIdentifier
-- AlgorithmIdentifier ::= SEQUENCE {
-- 	algorithm		ALGORITHM.&id,
--	parameters		ALGORITHM.&Type
-- }   -- as specified by the X.509 recommendation[10]

-- But we'll use this one instead:

AlgorithmIdentifier ::= SEQUENCE {
	algorithm		OBJECT IDENTIFIER,
	parameters		CHOICE {
					a INTEGER
				}
}



SubjectPublicKeyInfo ::= SEQUENCE {
	algorithm		AlgorithmIdentifier,
				-- dhKeyAgreement
	subjectPublicKey	BIT STRING
				-- for DH, equals
				-- public exponent (INTEGER encoded
				-- as payload of BIT STRING)
} -- as specified by the X.509 recommendation[10]

AuthPack ::= SEQUENCE {
	pkAuthenticator[0]	PKAuthenticator,
	clientPublicValue[1]	SubjectPublicKeyInfo OPTIONAL
				-- if client is using Diffie-Hellman
				-- (ephemeral-ephemeral only)
}


END