From ed45b4ba3b1f9e873a914d2ca8cdba61dfde9ff8 Mon Sep 17 00:00:00 2001 From: John Kohl Date: Thu, 13 Jun 1991 14:09:59 +0000 Subject: [PATCH] there's a better way to make these "must be the same" items; define a sub-type, tag that for each one, and it all works. The on-the-wire encoding is the same whether the tag is in-line with the sequence or attached to the pointer, and the ISODE code turns out to work the same anyway. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@2173 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/asn.1/KRB5-asn.py | 55 +++++++--------------------------- 1 file changed, 11 insertions(+), 44 deletions(-) diff --git a/src/lib/krb5/asn.1/KRB5-asn.py b/src/lib/krb5/asn.1/KRB5-asn.py index 822a11451..647604291 100644 --- a/src/lib/krb5/asn.1/KRB5-asn.py +++ b/src/lib/krb5/asn.1/KRB5-asn.py @@ -127,22 +127,16 @@ TicketFlags ::= BIT STRING { initial(9) } --- the following two sequences MUST be the same except for the --- APPLICATION identifier -AS-REQ ::= [APPLICATION 10] SEQUENCE { - pvno[1] INTEGER, - msg-type[2] INTEGER, - padata[3] PA-DATA OPTIONAL, - req-body[4] KDC-REQ-BODY -} -TGS-REQ ::= [APPLICATION 12] SEQUENCE { +AS-REQ ::= [APPLICATION 10] KDC-REQ +TGS-REQ ::= [APPLICATION 12] KDC-REQ + +KDC-REQ ::= SEQUENCE { pvno[1] INTEGER, msg-type[2] INTEGER, padata[3] PA-DATA OPTIONAL, -- encoded AP-REQ, not optional + -- in the TGS-REQ req-body[4] KDC-REQ-BODY } --- the preceding two sequences MUST be the same except for the --- APPLICATION identifier -- Note that the RFC specifies that PA-DATA is just a SEQUENCE, and when -- it appears in the messages, it's a SEQUENCE OF PA-DATA. @@ -172,18 +166,9 @@ KDC-REQ-BODY ::= SEQUENCE { additional-tickets[11] SEQUENCE OF Ticket OPTIONAL } --- the following two sequences MUST be the same except for the --- APPLICATION identifier -AS-REP ::= [APPLICATION 11] SEQUENCE { - pvno[0] INTEGER, - msg-type[1] INTEGER, - padata[2] PA-DATA OPTIONAL, - crealm[3] Realm, - cname[4] PrincipalName, - ticket[5] Ticket, -- Ticket - enc-part[6] EncryptedData -- EncKDCRepPart -} -TGS-REP ::= [APPLICATION 13] SEQUENCE { +AS-REP ::= [APPLICATION 11] KDC-REP +TGS-REP ::= [APPLICATION 13] KDC-REP +KDC-REP ::= SEQUENCE { pvno[0] INTEGER, msg-type[1] INTEGER, padata[2] PA-DATA OPTIONAL, @@ -192,26 +177,10 @@ TGS-REP ::= [APPLICATION 13] SEQUENCE { ticket[5] Ticket, -- Ticket enc-part[6] EncryptedData -- EncKDCRepPart } --- the preceding two sequences MUST be the same except for the --- APPLICATION identifier --- the following two sequences MUST be the same except for the --- APPLICATION identifier -EncASRepPart ::= [APPLICATION 25] SEQUENCE { - key[0] EncryptionKey, - last-req[1] LastReq, - nonce[2] INTEGER, - key-expiration[3] KerberosTime OPTIONAL, - flags[4] TicketFlags, - authtime[5] KerberosTime, - starttime[6] KerberosTime OPTIONAL, - endtime[7] KerberosTime, - renew-till[8] KerberosTime OPTIONAL, - srealm[9] Realm, - sname[10] PrincipalName, - caddr[11] HostAddresses OPTIONAL -} -EncTGSRepPart ::= [APPLICATION 26] SEQUENCE { +EncASRepPart ::= [APPLICATION 25] EncKDCRepPart +EncTGSRepPart ::= [APPLICATION 26] EncKDCRepPart +EncKDCRepPart ::= SEQUENCE { key[0] EncryptionKey, last-req[1] LastReq, nonce[2] INTEGER, @@ -225,8 +194,6 @@ EncTGSRepPart ::= [APPLICATION 26] SEQUENCE { sname[10] PrincipalName, caddr[11] HostAddresses OPTIONAL } --- the preceding two sequences MUST be the same except for the --- APPLICATION identifier AP-REQ ::= [APPLICATION 14] SEQUENCE { pvno[0] INTEGER, -- 2.26.2