-- $Id$ SETCHGPW2 DEFINITIONS ::= BEGIN IMPORTS PrincipalName, Realm, ENCTYPE FROM krb5; ProtocolErrorCode ::= ENUMERATED { generic-error(0), unsupported-major-version(1), unsupported-minor-version(2), unsupported-operation(3), authorization-failed(4), initial-ticket-required(5), target-principal-unknown(6), ... } Key ::= SEQUENCE { enc-type[0] INTEGER, key[1] OCTET STRING, ... } Language-Tag ::= UTF8String -- Constrained by RFC3066 LangTaggedText ::= SEQUENCE { language[0] Language-Tag OPTIONAL, text[1] UTF8String, ... } -- NULL Op Req-null ::= NULL Rep-null ::= NULL Err-null ::= NULL -- Change password Req-change-pw ::= SEQUENCE { old-pw[0] UTF8String, new-pw[1] UTF8String OPTIONAL, etypes[2] SEQUENCE OF ENCTYPE OPTIONAL, ... } Rep-change-pw ::= SEQUENCE { info-text[0] UTF8String OPTIONAL, new-pw[1] UTF8String OPTIONAL, etypes[2] SEQUENCE OF ENCTYPE OPTIONAL } Err-change-pw ::= SEQUENCE { help-text[0] UTF8String OPTIONAL, code[1] ENUMERATED { generic(0), wont-generate-new-pw(1), old-pw-incorrect(2), new-pw-rejected-geneneric(3), pw-change-too-short(4), ... }, suggested-new-pw[2] UTF8String OPTIONAL, ... } -- Change/Set keys Req-set-keys ::= SEQUENCE { etypes[0] SEQUENCE OF ENCTYPE, entropy[1] OCTET STRING, ... } Rep-set-keys ::= SEQUENCE { info-text[0] UTF8String OPTIONAL, kvno[1] INTEGER, keys[2] SEQUENCE OF Key, aliases[3] SEQUENCE OF SEQUENCE { name[0] PrincipalName, realm[1] Realm OPTIONAL, ... }, ... } Err-set-keys ::= SEQUENCE { help-text[0] UTF8String OPTIONAL, enctypes[1] SEQUENCE OF ENCTYPE OPTIONAL, code[1] ENUMERATED { etype-no-support(0), ... }, ... } -- Get password policy Req-get-pw-policy ::= NULL Rep-get-pw-policy ::= SEQUENCE { help-text[0] UTF8String OPTIONAL, policy-name[1] UTF8String OPTIONAL, description[2] UTF8String OPTIONAL, ... } Err-get-pw-policy ::= NULL -- Get principal aliases Req-get-princ-aliases ::= NULL Rep-get-princ-aliases ::= SEQUENCE { help-text[0] UTF8String OPTIONAL, aliases[1] SEQUENCE OF SEQUENCE { name[0] PrincipalName, realm[1] Realm OPTIONAL, ... } OPTIONAL, ... } Err-get-princ-aliases ::= NULL -- Get list of encryption types supported by KDC for new types Req-get-supported-etypes ::= NULL Rep-get-supported-etypes ::= SEQUENCE OF ENCTYPE Err-get-supported-etypes ::= NULL -- Choice switch Op-req ::= CHOICE { null[0] Req-null, change-pw[1] Req-change-pw, set-keys[2] Req-set-keys, get-pw-policy[3] Req-get-pw-policy, get-princ-aliases[4] Req-get-princ-aliases, get-supported-etypes[5] Req-get-supported-etypes, ... } Op-rep ::= CHOICE { null[0] Rep-null, change-pw[1] Rep-change-pw, set-keys[2] Rep-set-keys, get-pw-policy[3] Rep-get-pw-policy, get-princ-aliases[4] Rep-get-princ-aliases, get-supported-etypes[5] Rep-get-supported-etypes, ... } Op-error ::= CHOICE { null[0] Err-null, change-pw[1] Err-change-pw, set-keys[2] Err-set-keys, get-pw-policy[3] Err-get-pw-policy, get-princ-aliases[4] Err-get-princ-aliases, get-supported-etypes[5] Err-get-supported-etypes, ... } Request ::= [ APPLICATION 0 ] SEQUENCE { pvno-major[0] INTEGER DEFAULT 2, pvno-minor[1] INTEGER DEFAULT 0, languages[2] SEQUENCE OF Language-Tag OPTIONAL, targ-name[3] PrincipalName OPTIONAL, targ-realm[4] Realm OPTIONAL, operation[5] Op-Req, ... } Response ::= [ APPLICATION 1 ] SEQUENCE { pvno-major[0] INTEGER DEFAULT 2, pvno-minor[1] INTEGER DEFAULT 0, language[2] Language-Tag DEFAULT "i-default", result[3] Op-rep OPTIONAL, ... } Error-Response ::= [ APPLICATION 2 ] SEQUENCE { pvno-major[0] INTEGER DEFAULT 2, pvno-minor[1] INTEGER DEFAULT 0, language[2] Language-Tag DEFAULT "i-default", error-code[3] ProtocolErrorCode, help-text[4] UTF8String OPTIONAL, op-error[5] Op-error OP-ERROR, ... } END -- etags -r '/\([A-Za-z][-A-Za-z0-9]*\).*::=/\1/' setchgpw2.asn1