⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 k5.asn1

📁 samba最新软件
💻 ASN1
📖 第 1 页 / 共 2 页
字号:
🔍
12 
-- $Id: k5.asn1 21965 2007-10-18 18:24:36Z lha $KERBEROS5 DEFINITIONS ::=BEGINNAME-TYPE ::= INTEGER {	KRB5_NT_UNKNOWN(0),	-- Name type not known	KRB5_NT_PRINCIPAL(1),	-- Just the name of the principal as in	KRB5_NT_SRV_INST(2),	-- Service and other unique instance (krbtgt)	KRB5_NT_SRV_HST(3),	-- Service with host name as instance	KRB5_NT_SRV_XHST(4),	-- Service with host as remaining components	KRB5_NT_UID(5),		-- Unique ID	KRB5_NT_X500_PRINCIPAL(6), -- PKINIT	KRB5_NT_SMTP_NAME(7),	-- Name in form of SMTP email name	KRB5_NT_ENTERPRISE_PRINCIPAL(10), -- Windows 2000 UPN	KRB5_NT_ENT_PRINCIPAL_AND_ID(-130), -- Windows 2000 UPN and SID	KRB5_NT_MS_PRINCIPAL(-128), -- NT 4 style name	KRB5_NT_MS_PRINCIPAL_AND_ID(-129) -- NT style name and SID}-- message typesMESSAGE-TYPE ::= INTEGER {	krb-as-req(10), -- Request for initial authentication	krb-as-rep(11), -- Response to KRB_AS_REQ request	krb-tgs-req(12), -- Request for authentication based on TGT	krb-tgs-rep(13), -- Response to KRB_TGS_REQ request	krb-ap-req(14), -- application request to server	krb-ap-rep(15), -- Response to KRB_AP_REQ_MUTUAL	krb-safe(20), -- Safe (checksummed) application message	krb-priv(21), -- Private (encrypted) application message	krb-cred(22), -- Private (encrypted) message to forward credentials	krb-error(30) -- Error response}-- pa-data typesPADATA-TYPE ::= INTEGER {	KRB5-PADATA-NONE(0),	KRB5-PADATA-TGS-REQ(1),	KRB5-PADATA-AP-REQ(1),	KRB5-PADATA-ENC-TIMESTAMP(2),	KRB5-PADATA-PW-SALT(3),	KRB5-PADATA-ENC-UNIX-TIME(5),	KRB5-PADATA-SANDIA-SECUREID(6),	KRB5-PADATA-SESAME(7),	KRB5-PADATA-OSF-DCE(8),	KRB5-PADATA-CYBERSAFE-SECUREID(9),	KRB5-PADATA-AFS3-SALT(10),	KRB5-PADATA-ETYPE-INFO(11),	KRB5-PADATA-SAM-CHALLENGE(12), -- (sam/otp)	KRB5-PADATA-SAM-RESPONSE(13), -- (sam/otp)	KRB5-PADATA-PK-AS-REQ-19(14), -- (PKINIT-19)	KRB5-PADATA-PK-AS-REP-19(15), -- (PKINIT-19)	KRB5-PADATA-PK-AS-REQ-WIN(15), -- (PKINIT - old number)	KRB5-PADATA-PK-AS-REQ(16), -- (PKINIT-25)	KRB5-PADATA-PK-AS-REP(17), -- (PKINIT-25)	KRB5-PADATA-PA-PK-OCSP-RESPONSE(18),	KRB5-PADATA-ETYPE-INFO2(19),	KRB5-PADATA-USE-SPECIFIED-KVNO(20),	KRB5-PADATA-SVR-REFERRAL-INFO(20), --- old ms referral number	KRB5-PADATA-SAM-REDIRECT(21), -- (sam/otp)	KRB5-PADATA-GET-FROM-TYPED-DATA(22),	KRB5-PADATA-SAM-ETYPE-INFO(23),	KRB5-PADATA-SERVER-REFERRAL(25),	KRB5-PADATA-TD-KRB-PRINCIPAL(102),	-- PrincipalName	KRB5-PADATA-PK-TD-TRUSTED-CERTIFIERS(104), -- PKINIT	KRB5-PADATA-PK-TD-CERTIFICATE-INDEX(105), -- PKINIT	KRB5-PADATA-TD-APP-DEFINED-ERROR(106),	-- application specific	KRB5-PADATA-TD-REQ-NONCE(107),		-- INTEGER	KRB5-PADATA-TD-REQ-SEQ(108),		-- INTEGER	KRB5-PADATA-PA-PAC-REQUEST(128),	-- jbrezak@exchange.microsoft.com	KRB5-PADATA-S4U2SELF(129),	KRB5-PADATA-PK-AS-09-BINDING(132),	-- client send this to 						-- tell KDC that is supports 						-- the asCheckSum in the						--  PK-AS-REP	KRB5-PADATA-CLIENT-CANONICALIZED(133)	-- }AUTHDATA-TYPE ::= INTEGER {	KRB5-AUTHDATA-IF-RELEVANT(1),	KRB5-AUTHDATA-INTENDED-FOR_SERVER(2),	KRB5-AUTHDATA-INTENDED-FOR-APPLICATION-CLASS(3),	KRB5-AUTHDATA-KDC-ISSUED(4),	KRB5-AUTHDATA-AND-OR(5),	KRB5-AUTHDATA-MANDATORY-TICKET-EXTENSIONS(6),	KRB5-AUTHDATA-IN-TICKET-EXTENSIONS(7),	KRB5-AUTHDATA-MANDATORY-FOR-KDC(8),	KRB5-AUTHDATA-INITIAL-VERIFIED-CAS(9),	KRB5-AUTHDATA-OSF-DCE(64),	KRB5-AUTHDATA-SESAME(65),	KRB5-AUTHDATA-OSF-DCE-PKI-CERTID(66),	KRB5-AUTHDATA-WIN2K-PAC(128),	KRB5-AUTHDATA-GSS-API-ETYPE-NEGOTIATION(129), -- Authenticator only	KRB5-AUTHDATA-SIGNTICKET(-17)}-- checksumtypesCKSUMTYPE ::= INTEGER {	CKSUMTYPE_NONE(0),	CKSUMTYPE_CRC32(1),	CKSUMTYPE_RSA_MD4(2),	CKSUMTYPE_RSA_MD4_DES(3),	CKSUMTYPE_DES_MAC(4),	CKSUMTYPE_DES_MAC_K(5),	CKSUMTYPE_RSA_MD4_DES_K(6),	CKSUMTYPE_RSA_MD5(7),	CKSUMTYPE_RSA_MD5_DES(8),	CKSUMTYPE_RSA_MD5_DES3(9),	CKSUMTYPE_SHA1_OTHER(10),	CKSUMTYPE_HMAC_SHA1_DES3(12),	CKSUMTYPE_SHA1(14),	CKSUMTYPE_HMAC_SHA1_96_AES_128(15),	CKSUMTYPE_HMAC_SHA1_96_AES_256(16),	CKSUMTYPE_GSSAPI(0x8003),	CKSUMTYPE_HMAC_MD5(-138),	-- unofficial microsoft number	CKSUMTYPE_HMAC_MD5_ENC(-1138)	-- even more unofficial}--enctypesENCTYPE ::= INTEGER {	ETYPE_NULL(0),	ETYPE_DES_CBC_CRC(1),	ETYPE_DES_CBC_MD4(2),	ETYPE_DES_CBC_MD5(3),	ETYPE_DES3_CBC_MD5(5),	ETYPE_OLD_DES3_CBC_SHA1(7),	ETYPE_SIGN_DSA_GENERATE(8),	ETYPE_ENCRYPT_RSA_PRIV(9),	ETYPE_ENCRYPT_RSA_PUB(10),	ETYPE_DES3_CBC_SHA1(16),	-- with key derivation	ETYPE_AES128_CTS_HMAC_SHA1_96(17),	ETYPE_AES256_CTS_HMAC_SHA1_96(18),	ETYPE_ARCFOUR_HMAC_MD5(23),	ETYPE_ARCFOUR_HMAC_MD5_56(24),	ETYPE_ENCTYPE_PK_CROSS(48),-- some "old" windows types	ETYPE_ARCFOUR_MD4(-128),	ETYPE_ARCFOUR_HMAC_OLD(-133),	ETYPE_ARCFOUR_HMAC_OLD_EXP(-135),-- these are for Heimdal internal use	ETYPE_DES_CBC_NONE(-0x1000),	ETYPE_DES3_CBC_NONE(-0x1001),	ETYPE_DES_CFB64_NONE(-0x1002),	ETYPE_DES_PCBC_NONE(-0x1003),	ETYPE_DIGEST_MD5_NONE(-0x1004),		-- private use, lukeh@padl.com	ETYPE_CRAM_MD5_NONE(-0x1005)		-- private use, lukeh@padl.com}-- this is sugar to make something ASN1 does not have: unsignedkrb5uint32 ::= INTEGER (0..4294967295)krb5int32 ::= INTEGER (-2147483648..2147483647)KerberosString  ::= GeneralStringRealm ::= GeneralStringPrincipalName ::= SEQUENCE {	name-type[0]		NAME-TYPE,	name-string[1]		SEQUENCE OF GeneralString}-- this is not part of RFC1510Principal ::= SEQUENCE {	name[0]			PrincipalName,	realm[1]		Realm}HostAddress ::= SEQUENCE  {	addr-type[0]		krb5int32,	address[1]		OCTET STRING}-- This is from RFC1510.---- HostAddresses ::= SEQUENCE OF SEQUENCE {-- 	addr-type[0]		krb5int32,--	address[1]		OCTET STRING-- }-- This seems much better.HostAddresses ::= SEQUENCE OF HostAddressKerberosTime ::= GeneralizedTime -- Specifying UTC time zone (Z)AuthorizationDataElement ::= SEQUENCE {	ad-type[0]		krb5int32,	ad-data[1]		OCTET STRING}AuthorizationData ::= SEQUENCE OF AuthorizationDataElementAPOptions ::= BIT STRING {	reserved(0),	use-session-key(1),	mutual-required(2)}TicketFlags ::= BIT STRING {	reserved(0),	forwardable(1),	forwarded(2),	proxiable(3),	proxy(4),	may-postdate(5),	postdated(6),	invalid(7),	renewable(8),	initial(9),	pre-authent(10),	hw-authent(11),	transited-policy-checked(12),	ok-as-delegate(13),	anonymous(14)}KDCOptions ::= BIT STRING {	reserved(0),	forwardable(1),	forwarded(2),	proxiable(3),	proxy(4),	allow-postdate(5),	postdated(6),	unused7(7),	renewable(8),	unused9(9),	unused10(10),	unused11(11),	request-anonymous(14),	canonicalize(15),	constrained-delegation(16), -- ms extension	disable-transited-check(26),	renewable-ok(27),	enc-tkt-in-skey(28),	renew(30),	validate(31)}LR-TYPE ::= INTEGER {	LR_NONE(0),		-- no information	LR_INITIAL_TGT(1),	-- last initial TGT request	LR_INITIAL(2),		-- last initial request	LR_ISSUE_USE_TGT(3),	-- time of newest TGT used	LR_RENEWAL(4),		-- time of last renewal	LR_REQUEST(5),		-- time of last request (of any type)	LR_PW_EXPTIME(6),	-- expiration time of password	LR_ACCT_EXPTIME(7)	-- expiration time of account}LastReq ::= SEQUENCE OF SEQUENCE {	lr-type[0]		LR-TYPE,	lr-value[1]		KerberosTime}EncryptedData ::= SEQUENCE {	etype[0] 		ENCTYPE, -- EncryptionType	kvno[1]			krb5int32 OPTIONAL,	cipher[2]		OCTET STRING -- ciphertext}EncryptionKey ::= SEQUENCE {	keytype[0]		krb5int32,	keyvalue[1]		OCTET STRING}-- encoded Transited fieldTransitedEncoding ::= SEQUENCE {	tr-type[0]		krb5int32, -- must be registered	contents[1]		OCTET STRING}Ticket ::= [APPLICATION 1] SEQUENCE {	tkt-vno[0]		krb5int32,	realm[1]		Realm,	sname[2]		PrincipalName,	enc-part[3]		EncryptedData}-- Encrypted part of ticketEncTicketPart ::= [APPLICATION 3] SEQUENCE {	flags[0]		TicketFlags,	key[1]			EncryptionKey,	crealm[2]		Realm,	cname[3]		PrincipalName,	transited[4]		TransitedEncoding,	authtime[5]		KerberosTime,	starttime[6]		KerberosTime OPTIONAL,	endtime[7]		KerberosTime,	renew-till[8]		KerberosTime OPTIONAL,	caddr[9]		HostAddresses OPTIONAL,	authorization-data[10]	AuthorizationData OPTIONAL}Checksum ::= SEQUENCE {	cksumtype[0]		CKSUMTYPE,	checksum[1]		OCTET STRING}Authenticator ::= [APPLICATION 2] SEQUENCE    {	authenticator-vno[0]	krb5int32,	crealm[1]		Realm,	cname[2]		PrincipalName,	cksum[3]		Checksum OPTIONAL,	cusec[4]		krb5int32,	ctime[5]		KerberosTime,	subkey[6]		EncryptionKey OPTIONAL,	seq-number[7]		krb5uint32 OPTIONAL,	authorization-data[8]	AuthorizationData OPTIONAL}PA-DATA ::= SEQUENCE {	-- might be encoded AP-REQ	padata-type[1]		PADATA-TYPE,	padata-value[2]		OCTET STRING}ETYPE-INFO-ENTRY ::= SEQUENCE {	etype[0]		ENCTYPE,	salt[1]			OCTET STRING OPTIONAL,	salttype[2]		krb5int32 OPTIONAL}
12

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -