[739] in Kerberos_V5_Development
ASN.1 shortcut
jtkohl@ATHENA.MIT.EDU (jtkohl@ATHENA.MIT.EDU)
Tue Jun 4 12:09:40 1991
I just figured out a way to cut down on some of the weirdness in the ASN.1
library/glue library with requiring two separate message structures for
AS-REQ's and TGS-REQ's.
I don't suggest changing this stuff at the moment, but it certainly could be
done sometime before we call it non-beta.
as an example, here's an extract from the current ISODE ASN.1 input file:
-- the following two sequences MUST be the same except for the
-- APPLICATION identifier
AS-REP ::= [APPLICATION 11] SEQUENCE {
pvno[0] INTEGER,
msg-type[1] INTEGER,
padata[2] PA-DATA OPTIONAL,
crealm[3] Realm,
cname[4] PrincipalName,
ticket[5] Ticket, -- Ticket
enc-part[6] EncryptedData -- EncKDCRepPart
}
TGS-REP ::= [APPLICATION 13] SEQUENCE {
pvno[0] INTEGER,
msg-type[1] INTEGER,
padata[2] PA-DATA OPTIONAL,
crealm[3] Realm,
cname[4] PrincipalName,
ticket[5] Ticket, -- Ticket
enc-part[6] EncryptedData -- EncKDCRepPart
}
-- the preceding two sequences MUST be the same except for the
-- APPLICATION identifier
We can make this look a lot better with:
KDC-REP ::= SEQUENCE { ... }
AS-REP ::= [APPLICATION 11] KDC-REP
TGS-REP ::= [APPLICATION 13] KDC-REP
This will require some (probably minor) surgery on the ASN.1 library and
it's glue, but it sure looks a lot cleaner!
