-- ASN.1 module for the PKINIT pre-authentication data carried in the
-- Kerberos AS exchange: the request (PA-PK-AS-REQ, PA type 14), the reply
-- (PA-PK-AS-REP, PA type 15) and the structures they wrap.
-- The bare section numbers (3.1, 3.2.1, 3.2.2) and the bracketed references
-- ([10], [11]) presumably point into the PKINIT specification this module
-- was transcribed from; confirm against the document the project targets.
-- This module describes encoding only. Signature verification, certificate
-- path validation and nonce/time checks are the job of the code that
-- consumes these types.

PKINIT DEFINITIONS ::= BEGIN

-- NOTE(review): TypedData and AttributeTypeAndValue are imported but not
-- referenced by any definition in this module.
IMPORTS EncryptionKey, PrincipalName, Realm, KerberosTime, TypedData FROM krb5;
IMPORTS SignedData, EnvelopedData FROM CMS;
IMPORTS CertificateSerialNumber, AttributeTypeAndValue, Name FROM X509;

-- 3.1

-- Principal name as it appears inside a certificate: same layout as a
-- Kerberos principal name, but the components are UTF8String.
CertPrincipalName ::= SEQUENCE {
        name-type[0]            INTEGER,
        name-string[1]          SEQUENCE OF UTF8String
}

-- 3.2.2

-- NOTE(review): TrustedCertifiers and CertificateIndex are not referenced by
-- any other definition in this module; PA-PK-AS-REQ uses
-- SEQUENCE OF TrustedCas for its trustedCertifiers field instead.
TrustedCertifiers ::= SEQUENCE OF PrincipalName
                        -- X.500 name encoded as a principal name
                        -- see Section 3.1
CertificateIndex ::= INTEGER
                        -- 0 = 1st certificate,
                        --     (in order of encoding)
                        -- 1 = 2nd certificate, etc

-- Reply pre-authentication data. Exactly one alternative is present:
-- a signed Diffie-Hellman reply, or a reply key delivered in an
-- EnvelopedData.
PA-PK-AS-REP ::= CHOICE {
                        -- PA TYPE 15
        dhSignedData[0]         SignedData,
                        -- Defined in CMS and used only with
                        -- Diffie-Hellman key exchange (if the
                        -- client public value was present in the
                        -- request).
                        -- This choice MUST be supported
                        -- by compliant implementations.
        encKeyPack[1]           EnvelopedData
                        -- Defined in CMS
                        -- The temporary key is encrypted
                        -- using the client public key.
                        -- SignedReplyKeyPack, encrypted
                        -- with the temporary key, is also
                        -- included.
                        -- (This module defines only ReplyKeyPack;
                        -- the signed wrapper is not declared here.)
}

-- Content signed by the KDC in the Diffie-Hellman case.
-- Context tags are [0] and [2]; tag [1] is not assigned in this definition.
KdcDHKeyInfo ::= SEQUENCE {
                        -- used only when utilizing Diffie-Hellman
        nonce[0]                INTEGER,
                        -- binds response to the request
        subjectPublicKey[2]     BIT STRING
                        -- KDC Diffie-Hellman public value
                        -- (g^a mod p), an INTEGER encoded as
                        -- the payload of the BIT STRING.
                        -- The exponent a itself is never sent.
}

-- Reply key delivered in the non-Diffie-Hellman (encKeyPack) case.
ReplyKeyPack ::= SEQUENCE {
                        -- not used for Diffie-Hellman
        replyKey[0]             EncryptionKey,
                        -- used to encrypt main reply
                        -- ENCTYPE is at least as strong as
                        -- ENCTYPE of session key
        nonce[1]                INTEGER
                        -- binds response to the request
                        -- must be same as the nonce
                        -- passed in the PKAuthenticator
                        -- NOTE(review): the equality is a check the
                        -- receiving code has to make; nothing in this
                        -- schema enforces it.
}

-- subjectAltName EXTENSION ::= {
--     SYNTAX GeneralNames
--     IDENTIFIED BY id-ce-subjectAltName
-- }

-- Simplified OtherName: value is declared as an OCTET STRING instead of the
-- open type shown in the commented-out line, so a decoder built from this
-- module returns the value undecoded and the caller has to interpret it
-- according to type-id.
OtherName ::= SEQUENCE {
        type-id         OBJECT IDENTIFIER,
        value[0]        OCTET STRING
--      value[0]        EXPLICIT ANY DEFINED BY type-id
}

-- Only the otherName alternative is declared; the extension marker stands
-- for every other alternative.
GeneralName ::= CHOICE {
        otherName       [0] OtherName,
        ...
}

-- The size constraint is commented out, so an empty sequence is accepted
-- by this definition.
GeneralNames ::= SEQUENCE -- SIZE(1..MAX)
        OF GeneralName

-- Realm plus certificate-style principal name.
KerberosName ::= SEQUENCE {
        realm[0]                Realm,
                        -- as defined in RFC 1510
        principalName[1]        CertPrincipalName
                        -- defined above
}

-- krb5 OBJECT IDENTIFIER ::= {
--      iso (1) org (3) dod (6) internet (1) security (5) kerberosv5 (2)
-- }

-- krb5PrincipalName OBJECT IDENTIFIER ::= { krb5 2 }

-- 3.2.1

-- Identifies one certificate by issuer name and serial number.
IssuerAndSerialNumber ::= SEQUENCE {
        issuer          Name,
        serialNumber    CertificateSerialNumber
}

-- One certification authority the client is willing to trust, named in one
-- of three ways.
TrustedCas ::= CHOICE {
        principalName[0]        KerberosName,
                        -- KerberosName is defined earlier in this
                        -- module
        caName[1]               Name,
                        -- fully qualified X.500 name
                        -- as defined by X.509
        issuerAndSerial[2]      IssuerAndSerialNumber
                        -- Since a CA may have a number of
                        -- certificates, only one of which
                        -- a client trusts
}

-- Request pre-authentication data sent by the client.
PA-PK-AS-REQ ::= SEQUENCE {
                        -- PA TYPE 14
        signedAuthPack[0]       SignedData,
                        -- defined in CMS [11]
                        -- AuthPack (below) defines the data
                        -- that is signed
                        -- NOTE(review): the fields below are
                        -- siblings of signedAuthPack, not part of
                        -- the signed AuthPack content as declared
                        -- here; confirm how the implementation
                        -- treats them.
        trustedCertifiers[1]    SEQUENCE OF TrustedCas OPTIONAL,
                        -- CAs that the client trusts
        kdcCert[2]              IssuerAndSerialNumber OPTIONAL,
                        -- as defined in CMS [11]
                        -- specifies a particular KDC
                        -- certificate if the client
                        -- already has it;
        encryptionCert[3]       IssuerAndSerialNumber OPTIONAL
                        -- For example, this may be the
                        -- client's Diffie-Hellman
                        -- certificate, or it may be the
                        -- client's RSA encryption
                        -- certificate.
}

-- Freshness and binding data placed inside the signed AuthPack.
PKAuthenticator ::= SEQUENCE {
        kdcName[0]              PrincipalName,
        kdcRealm[1]             Realm,
        cusec[2]                INTEGER,
                        -- for replay prevention as in RFC1510
        ctime[3]                KerberosTime,
                        -- for replay prevention as in RFC1510
        nonce[4]                INTEGER
                        -- unconstrained INTEGER in this module; the
                        -- reply structures above echo a nonce so the
                        -- response can be tied to this request
}

-- This is the real definition of AlgorithmIdentifier
-- AlgorithmIdentifier ::= SEQUENCE {
--      algorithm       ALGORITHM.&id,
--      parameters      ALGORITHM.&Type
-- }
-- as specified by the X.509 recommendation[10]

-- But we'll use this one instead:
-- a stand-in whose parameters field is a CHOICE with a single INTEGER
-- alternative in place of the open type above.
-- NOTE(review): as declared, parameters cannot carry algorithm-specific
-- structures such as Diffie-Hellman group parameters; confirm how the
-- implementation obtains and validates the group.

AlgorithmIdentifier ::= SEQUENCE {
        algorithm       OBJECT IDENTIFIER,
        parameters      CHOICE {
                                a INTEGER
                        }
}

-- Public key with its algorithm identifier; used here for the client
-- Diffie-Hellman value in AuthPack.
SubjectPublicKeyInfo ::= SEQUENCE {
        algorithm               AlgorithmIdentifier,
                        -- dhKeyAgreement
        subjectPublicKey        BIT STRING
                        -- for DH, the public value
                        -- (INTEGER encoded
                        -- as payload of BIT STRING)
} -- as specified by the X.509 recommendation[10]

-- The content that is signed in PA-PK-AS-REQ.signedAuthPack.
AuthPack ::= SEQUENCE {
        pkAuthenticator[0]      PKAuthenticator,
        clientPublicValue[1]    SubjectPublicKeyInfo OPTIONAL
                        -- if client is using Diffie-Hellman
                        -- (ephemeral-ephemeral only)
                        -- NOTE(review): range checks on the public
                        -- value are not expressible in this schema
                        -- and belong in the consuming code.
}

END