1 -- Id 2 3 SETCHGPW2 DEFINITIONS ::= 4 BEGIN 5 6 IMPORTS PrincipalName, Realm, ENCTYPE FROM krb5; 7 8 ProtocolErrorCode ::= ENUMERATED { 9 generic-error(0), 10 unsupported-major-version(1), 11 unsupported-minor-version(2), 12 unsupported-operation(3), 13 authorization-failed(4), 14 initial-ticket-required(5), 15 target-principal-unknown(6), 16 ... 17 } 18 19 Key ::= SEQUENCE { 20 enc-type[0] INTEGER, 21 key[1] OCTET STRING, 22 ... 23 } 24 25 Language-Tag ::= UTF8String -- Constrained by RFC3066 26 27 LangTaggedText ::= SEQUENCE { 28 language[0] Language-Tag OPTIONAL, 29 text[1] UTF8String, 30 ... 31 } 32 33 -- NULL Op 34 35 Req-null ::= NULL 36 Rep-null ::= NULL 37 Err-null ::= NULL 38 39 -- Change password 40 Req-change-pw ::= SEQUENCE { 41 old-pw[0] UTF8String, 42 new-pw[1] UTF8String OPTIONAL, 43 etypes[2] SEQUENCE OF ENCTYPE OPTIONAL, 44 ... 45 } 46 47 Rep-change-pw ::= SEQUENCE { 48 info-text[0] UTF8String OPTIONAL, 49 new-pw[1] UTF8String OPTIONAL, 50 etypes[2] SEQUENCE OF ENCTYPE OPTIONAL 51 } 52 53 Err-change-pw ::= SEQUENCE { 54 help-text[0] UTF8String OPTIONAL, 55 code[1] ENUMERATED { 56 generic(0), 57 wont-generate-new-pw(1), 58 old-pw-incorrect(2), 59 new-pw-rejected-geneneric(3), 60 pw-change-too-short(4), 61 ... 62 }, 63 suggested-new-pw[2] UTF8String OPTIONAL, 64 ... 65 } 66 67 -- Change/Set keys 68 Req-set-keys ::= SEQUENCE { 69 etypes[0] SEQUENCE OF ENCTYPE, 70 entropy[1] OCTET STRING, 71 ... 72 } 73 74 Rep-set-keys ::= SEQUENCE { 75 info-text[0] UTF8String OPTIONAL, 76 kvno[1] INTEGER, 77 keys[2] SEQUENCE OF Key, 78 aliases[3] SEQUENCE OF SEQUENCE { 79 name[0] PrincipalName, 80 realm[1] Realm OPTIONAL, 81 ... 82 }, 83 ... 84 } 85 86 Err-set-keys ::= SEQUENCE { 87 help-text[0] UTF8String OPTIONAL, 88 enctypes[1] SEQUENCE OF ENCTYPE OPTIONAL, 89 code[1] ENUMERATED { 90 etype-no-support(0), 91 ... 92 }, 93 ... 94 } 95 96 -- Get password policy 97 Req-get-pw-policy ::= NULL 98 99 Rep-get-pw-policy ::= SEQUENCE { 100 help-text[0] UTF8String OPTIONAL, 101 policy-name[1] UTF8String OPTIONAL, 102 description[2] UTF8String OPTIONAL, 103 ... 104 } 105 106 Err-get-pw-policy ::= NULL 107 108 -- Get principal aliases 109 Req-get-princ-aliases ::= NULL 110 111 Rep-get-princ-aliases ::= SEQUENCE { 112 help-text[0] UTF8String OPTIONAL, 113 aliases[1] SEQUENCE OF SEQUENCE { 114 name[0] PrincipalName, 115 realm[1] Realm OPTIONAL, 116 ... 117 } OPTIONAL, 118 ... 119 } 120 121 Err-get-princ-aliases ::= NULL 122 123 -- Get list of encryption types supported by KDC for new types 124 Req-get-supported-etypes ::= NULL 125 126 Rep-get-supported-etypes ::= SEQUENCE OF ENCTYPE 127 128 Err-get-supported-etypes ::= NULL 129 130 -- Choice switch 131 132 Op-req ::= CHOICE { 133 null[0] Req-null, 134 change-pw[1] Req-change-pw, 135 set-keys[2] Req-set-keys, 136 get-pw-policy[3] Req-get-pw-policy, 137 get-princ-aliases[4] Req-get-princ-aliases, 138 get-supported-etypes[5] Req-get-supported-etypes, 139 ... 140 } 141 142 Op-rep ::= CHOICE { 143 null[0] Rep-null, 144 change-pw[1] Rep-change-pw, 145 set-keys[2] Rep-set-keys, 146 get-pw-policy[3] Rep-get-pw-policy, 147 get-princ-aliases[4] Rep-get-princ-aliases, 148 get-supported-etypes[5] Rep-get-supported-etypes, 149 ... 150 } 151 152 Op-error ::= CHOICE { 153 null[0] Err-null, 154 change-pw[1] Err-change-pw, 155 set-keys[2] Err-set-keys, 156 get-pw-policy[3] Err-get-pw-policy, 157 get-princ-aliases[4] Err-get-princ-aliases, 158 get-supported-etypes[5] Err-get-supported-etypes, 159 ... 160 } 161 162 163 Request ::= [ APPLICATION 0 ] SEQUENCE { 164 pvno-major[0] INTEGER DEFAULT 2, 165 pvno-minor[1] INTEGER DEFAULT 0, 166 languages[2] SEQUENCE OF Language-Tag OPTIONAL, 167 targ-name[3] PrincipalName OPTIONAL, 168 targ-realm[4] Realm OPTIONAL, 169 operation[5] Op-Req, 170 ... 171 } 172 173 Response ::= [ APPLICATION 1 ] SEQUENCE { 174 pvno-major[0] INTEGER DEFAULT 2, 175 pvno-minor[1] INTEGER DEFAULT 0, 176 language[2] Language-Tag DEFAULT "i-default", 177 result[3] Op-rep OPTIONAL, 178 ... 179 } 180 181 Error-Response ::= [ APPLICATION 2 ] SEQUENCE { 182 pvno-major[0] INTEGER DEFAULT 2, 183 pvno-minor[1] INTEGER DEFAULT 0, 184 language[2] Language-Tag DEFAULT "i-default", 185 error-code[3] ProtocolErrorCode, 186 help-text[4] UTF8String OPTIONAL, 187 op-error[5] Op-error OP-ERROR, 188 ... 189 } 190 191 END 192 193 -- etags -r '/\([A-Za-z][-A-Za-z0-9]*\).*::=/\1/' setchgpw2.asn1 194
Indexes created Sun Apr 19 00:22:55 UTC 2026