des-EDE3-CBC OBJECT IDENTIFIER ::= {encryptionAlgorithm 7}
+-- Windows 2000 PK-INIT definitions
+
+PKAuthenticator-Win2k ::= SEQUENCE {
+ kdcName [0] PrincipalName,
+ kdcRealm [1] Realm,
+ cusec [2] INTEGER (0..4294967295),
+ ctime [3] KerberosTime,
+ nonce [4] INTEGER (-2147483648..2147483647)
+}
+
+AuthPack-Win2k ::= SEQUENCE {
+ pkAuthenticator [0] PKAuthenticator-Win2k
+}
+
+TrustedCA-Win2k ::= CHOICE {
+ caName [1] ANY,
+ issuerAndSerial [2] IssuerAndSerialNumber
+}
+
+PA-PK-AS-REQ-Win2k ::= SEQUENCE {
+ signedAuthPack [0] IMPLICIT OCTET STRING,
+ trustedCertifiers [2] SEQUENCE OF TrustedCA-Win2k OPTIONAL,
+ kdcCert [3] IMPLICIT OCTET STRING OPTIONAL,
+ encryptionCert [4] IMPLICIT OCTET STRING OPTIONAL,
+ ...
+}
+
+PA-PK-AS-REP-Win2k ::= CHOICE {
+ dhSignedData [0] IMPLICIT OCTET STRING,
+ encKeyPack [1] IMPLICIT OCTET STRING
+}
+
+ReplyKeyPack-Win2k ::= SEQUENCE {
+ replyKey [0] EncryptionKey,
+ nonce [1] INTEGER (-2147483648..2147483647),
+ ...
+}
+
--
id-pkinit-ms-san OBJECT IDENTIFIER ::= {
# Auto-generated by asn1ate v.0.6.1.dev0 from rfc4120.asn1
-# (last modified on 2023-07-03 09:37:15.502641)
+# (last modified on 2023-07-04 13:41:26.112349)
# KerberosV5Spec2
from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful
)
+class PKAuthenticator_Win2k(univ.Sequence):
+ pass
+
+
+PKAuthenticator_Win2k.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('kdcName', PrincipalName().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.NamedType('kdcRealm', Realm().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.NamedType('cusec', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, 4294967295)).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.NamedType('ctime', KerberosTime().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
+ namedtype.NamedType('nonce', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(-2147483648, 2147483647)).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)))
+)
+
+
+class AuthPack_Win2k(univ.Sequence):
+ pass
+
+
+AuthPack_Win2k.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('pkAuthenticator', PKAuthenticator_Win2k().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
+)
+
+
class EncryptionKey(univ.Sequence):
pass
)
+class PA_PK_AS_REP_Win2k(univ.Choice):
+ pass
+
+
+PA_PK_AS_REP_Win2k.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('dhSignedData', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.NamedType('encKeyPack', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+)
+
+
class PA_PK_AS_REQ(univ.Sequence):
pass
)
+class TrustedCA_Win2k(univ.Choice):
+ pass
+
+
+TrustedCA_Win2k.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('caName', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.NamedType('issuerAndSerial', IssuerAndSerialNumber().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)))
+)
+
+
+class PA_PK_AS_REQ_Win2k(univ.Sequence):
+ pass
+
+
+PA_PK_AS_REQ_Win2k.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('signedAuthPack', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.OptionalNamedType('trustedCertifiers', univ.SequenceOf(componentType=TrustedCA_Win2k()).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.OptionalNamedType('kdcCert', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
+ namedtype.OptionalNamedType('encryptionCert', univ.OctetString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)))
+)
+
+
class PA_S4U2Self(univ.Sequence):
pass
)
+class ReplyKeyPack_Win2k(univ.Sequence):
+ pass
+
+
+ReplyKeyPack_Win2k.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('replyKey', EncryptionKey().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.NamedType('nonce', univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(-2147483648, 2147483647)).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+)
+
+
class SignatureValue(univ.OctetString):
pass