1*10598SGlenn.Barry@Sun.COM /* -*- mode: c; indent-tabs-mode: nil -*- */ 20Sstevel@tonic-gate #ifndef __KRBASN1_H__ 30Sstevel@tonic-gate #define __KRBASN1_H__ 40Sstevel@tonic-gate 57934SMark.Phalan@Sun.COM #include "k5-int.h" 60Sstevel@tonic-gate #include <stdio.h> 70Sstevel@tonic-gate #include <errno.h> 8*10598SGlenn.Barry@Sun.COM #include <limits.h> /* For INT_MAX */ 90Sstevel@tonic-gate #ifdef HAVE_STDLIB_H 100Sstevel@tonic-gate #include <stdlib.h> 110Sstevel@tonic-gate #endif 120Sstevel@tonic-gate 130Sstevel@tonic-gate /* 140Sstevel@tonic-gate * If KRB5_MSGTYPE_STRICT is defined, then be strict about checking 150Sstevel@tonic-gate * the msgtype fields. Unfortunately, there old versions of Kerberos 160Sstevel@tonic-gate * don't set these fields correctly, so we have to make allowances for 170Sstevel@tonic-gate * them. 180Sstevel@tonic-gate */ 190Sstevel@tonic-gate /* #define KRB5_MSGTYPE_STRICT */ 200Sstevel@tonic-gate 21781Sgtb /* 22781Sgtb * If KRB5_GENEROUS_LR_TYPE is defined, then we are generous about 23781Sgtb * accepting a one byte negative lr_type - which is not sign 24781Sgtb * extended. Prior to July 2000, we were sending a negative lr_type as 25781Sgtb * a positve single byte value - instead of a signed integer. This 26781Sgtb * allows us to receive the old value and deal 27781Sgtb */ 28781Sgtb #define KRB5_GENEROUS_LR_TYPE 29781Sgtb 300Sstevel@tonic-gate typedef krb5_octet asn1_octet; 310Sstevel@tonic-gate typedef krb5_error_code asn1_error_code; 320Sstevel@tonic-gate 330Sstevel@tonic-gate typedef enum { PRIMITIVE = 0x00, CONSTRUCTED = 0x20 } asn1_construction; 340Sstevel@tonic-gate 350Sstevel@tonic-gate typedef enum { UNIVERSAL = 0x00, APPLICATION = 0x40, 36*10598SGlenn.Barry@Sun.COM CONTEXT_SPECIFIC = 0x80, PRIVATE = 0xC0 } asn1_class; 37*10598SGlenn.Barry@Sun.COM 38*10598SGlenn.Barry@Sun.COM typedef INT64_TYPE asn1_intmax; 39*10598SGlenn.Barry@Sun.COM typedef UINT64_TYPE asn1_uintmax; 400Sstevel@tonic-gate 410Sstevel@tonic-gate typedef int asn1_tagnum; 420Sstevel@tonic-gate #define ASN1_TAGNUM_CEILING INT_MAX 430Sstevel@tonic-gate #define ASN1_TAGNUM_MAX (ASN1_TAGNUM_CEILING-1) 440Sstevel@tonic-gate 450Sstevel@tonic-gate /* This is Kerberos Version 5 */ 460Sstevel@tonic-gate #define KVNO 5 470Sstevel@tonic-gate 480Sstevel@tonic-gate /* Universal Tag Numbers */ 49*10598SGlenn.Barry@Sun.COM #define ASN1_BOOLEAN 1 50*10598SGlenn.Barry@Sun.COM #define ASN1_INTEGER 2 51*10598SGlenn.Barry@Sun.COM #define ASN1_BITSTRING 3 52*10598SGlenn.Barry@Sun.COM #define ASN1_OCTETSTRING 4 53*10598SGlenn.Barry@Sun.COM #define ASN1_NULL 5 54*10598SGlenn.Barry@Sun.COM #define ASN1_OBJECTIDENTIFIER 6 55*10598SGlenn.Barry@Sun.COM #define ASN1_ENUMERATED 10 56*10598SGlenn.Barry@Sun.COM #define ASN1_SEQUENCE 16 57*10598SGlenn.Barry@Sun.COM #define ASN1_SET 17 58*10598SGlenn.Barry@Sun.COM #define ASN1_PRINTABLESTRING 19 59*10598SGlenn.Barry@Sun.COM #define ASN1_IA5STRING 22 60*10598SGlenn.Barry@Sun.COM #define ASN1_UTCTIME 23 61*10598SGlenn.Barry@Sun.COM #define ASN1_GENERALTIME 24 62*10598SGlenn.Barry@Sun.COM #define ASN1_GENERALSTRING 27 630Sstevel@tonic-gate 640Sstevel@tonic-gate /* Kerberos Message Types */ 65*10598SGlenn.Barry@Sun.COM #define ASN1_KRB_AS_REQ 10 66*10598SGlenn.Barry@Sun.COM #define ASN1_KRB_AS_REP 11 67*10598SGlenn.Barry@Sun.COM #define ASN1_KRB_TGS_REQ 12 68*10598SGlenn.Barry@Sun.COM #define ASN1_KRB_TGS_REP 13 69*10598SGlenn.Barry@Sun.COM #define ASN1_KRB_AP_REQ 14 70*10598SGlenn.Barry@Sun.COM #define ASN1_KRB_AP_REP 15 71*10598SGlenn.Barry@Sun.COM #define ASN1_KRB_SAFE 20 72*10598SGlenn.Barry@Sun.COM #define ASN1_KRB_PRIV 21 73*10598SGlenn.Barry@Sun.COM #define ASN1_KRB_CRED 22 74*10598SGlenn.Barry@Sun.COM #define ASN1_KRB_ERROR 30 750Sstevel@tonic-gate 760Sstevel@tonic-gate #endif 77