blob: fa210d653e7831db69813575dc9864edde197c26 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
|
# /*
# * Contact Love Hörnquist Åstrand <lha at h5l.org> for new oid arcs */
# */
# /*
# * 1.2.752.43 is SU's arc. SU's registry has arcs 13, 14, and 16
# * below that registered for Heimdal to use. The Heimdal source tree
# * is the authoritative registry for Heimdal's three arcs off of SU's arc.
# * This file is the authoritative registry for 1.2.752.43.13 and 1.2.752.14.
# * ASN.1 modules in lib/asn1/ are authoritative for 1.2.752.43.16.
# *
# * Confirmed by SU's erstwhile registrar, Leif Johansson <leifj at sunet.se>,
# * as well as by SU's current registrar (through Leif), as:
# *
# * 1.2.752.43.13 Namn Heimdal GSS-API extentions
# * Beskrivning OIDar för användning av Heimdal projektet
# * 1.2.752.43.14 Namn Heimdal GSS-API mechs
# * Beskrivning OIDar för användning av Heimdal projektet
# * 1.2.752.43.16 Namn Heimdal Internal crypto ops
# * Beskrivning OIDar för användning av Heimdal projektet
# *
# * 1.2.752.43.16 is now also used in Heimdal for PKIX-related things.
# * See lib/asn1/ and lib/hx509/.
# *
# * Contact the SU registrar for new oid arcs if any are needed, or carve
# * out an arc of one of the above, preferably off 1.2.752.43.16.
# */
# /*
# * 1.2.752.43.13 Heimdal GSS-API Extensions
# */
oid base GSS_KRB5_COPY_CCACHE_X 1.2.752.43.13.1
oid base GSS_KRB5_GET_TKT_FLAGS_X 1.2.752.43.13.2
oid base GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X 1.2.752.43.13.3
oid base GSS_KRB5_COMPAT_DES3_MIC_X 1.2.752.43.13.4
oid base GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X 1.2.752.43.13.5
oid base GSS_KRB5_EXPORT_LUCID_CONTEXT_X 1.2.752.43.13.6
oid base GSS_KRB5_EXPORT_LUCID_CONTEXT_V1_X 1.2.752.43.13.6.1
oid base GSS_KRB5_SET_DNS_CANONICALIZE_X 1.2.752.43.13.7
oid base GSS_KRB5_GET_SUBKEY_X 1.2.752.43.13.8
oid base GSS_KRB5_GET_INITIATOR_SUBKEY_X 1.2.752.43.13.9
oid base GSS_KRB5_GET_ACCEPTOR_SUBKEY_X 1.2.752.43.13.10
oid base GSS_KRB5_SEND_TO_KDC_X 1.2.752.43.13.11
oid base GSS_KRB5_GET_AUTHTIME_X 1.2.752.43.13.12
oid base GSS_KRB5_GET_SERVICE_KEYBLOCK_X 1.2.752.43.13.13
oid base GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X 1.2.752.43.13.14
oid base GSS_KRB5_SET_DEFAULT_REALM_X 1.2.752.43.13.15
oid base GSS_KRB5_CCACHE_NAME_X 1.2.752.43.13.16
oid base GSS_KRB5_SET_TIME_OFFSET_X 1.2.752.43.13.17
oid base GSS_KRB5_GET_TIME_OFFSET_X 1.2.752.43.13.18
oid base GSS_KRB5_PLUGIN_REGISTER_X 1.2.752.43.13.19
oid base GSS_NTLM_GET_SESSION_KEY_X 1.2.752.43.13.20
oid base GSS_C_NT_NTLM 1.2.752.43.13.21
oid base GSS_C_NT_DN 1.2.752.43.13.22
oid base GSS_KRB5_NT_PRINCIPAL_NAME_REFERRAL 1.2.752.43.13.23
oid base GSS_C_NTLM_AVGUEST 1.2.752.43.13.24
oid base GSS_C_NTLM_V1 1.2.752.43.13.25
oid base GSS_C_NTLM_V2 1.2.752.43.13.26
oid base GSS_C_NTLM_SESSION_KEY 1.2.752.43.13.27
oid base GSS_C_NTLM_FORCE_V1 1.2.752.43.13.28
oid base GSS_KRB5_CRED_NO_CI_FLAGS_X 1.2.752.43.13.29
oid base GSS_KRB5_IMPORT_CRED_X 1.2.752.43.13.30
oid base GSS_KRB5_IMPORT_RFC4121_CONTEXT_X 1.2.752.43.13.31
# /* glue for gss_inquire_saslname_for_mech */
oid base GSS_C_MA_SASL_MECH_NAME 1.2.752.43.13.100
oid base GSS_C_MA_MECH_NAME 1.2.752.43.13.101
oid base GSS_C_MA_MECH_DESCRIPTION 1.2.752.43.13.102
#/* Heimdal mechanisms - 1.2.752.43.14 */
oid base GSS_SASL_DIGEST_MD5_MECHANISM 1.2.752.43.14.1
oid base GSS_NETLOGON_MECHANISM 1.2.752.43.14.2
oid base GSS_NETLOGON_SET_SESSION_KEY_X 1.2.752.43.14.3
oid base GSS_NETLOGON_SET_SIGN_ALGORITHM_X 1.2.752.43.14.4
oid base GSS_NETLOGON_NT_NETBIOS_DNS_NAME 1.2.752.43.14.5
#/* GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X.128 */
oid base GSS_C_INQ_WIN2K_PAC_X 1.2.752.43.13.3.128
oid base GSS_C_INQ_SSPI_SESSION_KEY 1.2.840.113554.1.2.2.5.5
oid base GSS_C_INQ_NEGOEX_KEY 1.2.840.113554.1.2.2.5.16
oid base GSS_C_INQ_NEGOEX_VERIFY_KEY 1.2.840.113554.1.2.2.5.17
oid base GSS_C_INQ_REQUIRE_MECHLIST_MIC 1.3.6.1.4.1.7165.655.1.2
#/*
# * "Standard" mechs
# */
oid base GSS_KRB5_MECHANISM 1.2.840.113554.1.2.2
oid base GSS_NTLM_MECHANISM 1.3.6.1.4.1.311.2.2.10
oid base GSS_SPNEGO_MECHANISM 1.3.6.1.5.5.2
# /* From Luke Howard */
oid base GSS_C_INQ_PEER_HAS_BUGGY_SPNEGO 1.3.6.1.4.1.5322.19.6
oid base GSS_C_NTLM_RESET_CRYPTO 1.3.6.1.4.1.7165.655.1.3
oid base GSS_NEGOEX_MECHANISM 1.3.6.1.4.1.311.2.2.30
oid base GSS_SANON_X25519_MECHANISM 1.3.6.1.4.1.5322.26.1.110
#/*
# * OID mappings with name and short description and and slightly longer description
# */
desc mech GSS_KRB5_MECHANISM "Kerberos 5" "Heimdal Kerberos 5 mechanism"
desc mech GSS_NTLM_MECHANISM "NTLM" "Heimdal NTLM mechanism"
desc mech GSS_SPNEGO_MECHANISM "SPNEGO" "Heimdal SPNEGO mechanism"
desc mech GSS_SANON_X25519_MECHANISM "SAnon-X25519" "Heimdal Simple Anonymous (X25519) mechanism"
desc ma GSS_C_MA_MECH_NAME "GSS mech name" "The name of the GSS-API mechanism"
desc ma GSS_C_MA_SASL_MECH_NAME "SASL mechanism name" "The name of the SASL mechanism"
desc ma GSS_C_MA_MECH_DESCRIPTION "Mech description" "The long description of the mechanism"
#/*
# * RFC5587
# */
oid base GSS_C_MA_MECH_CONCRETE 1.3.6.1.5.5.13.1
oid base GSS_C_MA_MECH_PSEUDO 1.3.6.1.5.5.13.2
oid base GSS_C_MA_MECH_COMPOSITE 1.3.6.1.5.5.13.3
oid base GSS_C_MA_MECH_NEGO 1.3.6.1.5.5.13.4
oid base GSS_C_MA_MECH_GLUE 1.3.6.1.5.5.13.5
oid base GSS_C_MA_NOT_MECH 1.3.6.1.5.5.13.6
oid base GSS_C_MA_DEPRECATED 1.3.6.1.5.5.13.7
oid base GSS_C_MA_NOT_DFLT_MECH 1.3.6.1.5.5.13.8
oid base GSS_C_MA_ITOK_FRAMED 1.3.6.1.5.5.13.9
oid base GSS_C_MA_AUTH_INIT 1.3.6.1.5.5.13.10
oid base GSS_C_MA_AUTH_TARG 1.3.6.1.5.5.13.11
oid base GSS_C_MA_AUTH_INIT_INIT 1.3.6.1.5.5.13.12
oid base GSS_C_MA_AUTH_TARG_INIT 1.3.6.1.5.5.13.13
oid base GSS_C_MA_AUTH_INIT_ANON 1.3.6.1.5.5.13.14
oid base GSS_C_MA_AUTH_TARG_ANON 1.3.6.1.5.5.13.15
oid base GSS_C_MA_DELEG_CRED 1.3.6.1.5.5.13.16
oid base GSS_C_MA_INTEG_PROT 1.3.6.1.5.5.13.17
oid base GSS_C_MA_CONF_PROT 1.3.6.1.5.5.13.18
oid base GSS_C_MA_MIC 1.3.6.1.5.5.13.19
oid base GSS_C_MA_WRAP 1.3.6.1.5.5.13.20
oid base GSS_C_MA_PROT_READY 1.3.6.1.5.5.13.21
oid base GSS_C_MA_REPLAY_DET 1.3.6.1.5.5.13.22
oid base GSS_C_MA_OOS_DET 1.3.6.1.5.5.13.23
oid base GSS_C_MA_CBINDINGS 1.3.6.1.5.5.13.24
oid base GSS_C_MA_PFS 1.3.6.1.5.5.13.25
oid base GSS_C_MA_COMPRESS 1.3.6.1.5.5.13.26
oid base GSS_C_MA_CTX_TRANS 1.3.6.1.5.5.13.27
oid base GSS_C_MA_NEGOEX_AND_SPNEGO 1.2.840.113554.1.2.2.5.18
desc ma GSS_C_MA_MECH_CONCRETE "concrete-mech" "Indicates that a mech is neither a pseudo-mechanism nor a composite mechanism"
desc ma GSS_C_MA_MECH_PSEUDO "pseudo-mech" ""
desc ma GSS_C_MA_MECH_COMPOSITE "composite-mech" ""
desc ma GSS_C_MA_MECH_NEGO "mech-negotiation-mech" ""
desc ma GSS_C_MA_MECH_GLUE "mech-glue" ""
desc ma GSS_C_MA_NOT_MECH "not-mech" ""
desc ma GSS_C_MA_DEPRECATED "mech-deprecated" ""
desc ma GSS_C_MA_NOT_DFLT_MECH "mech-not-default" ""
desc ma GSS_C_MA_ITOK_FRAMED "initial-is-framed" ""
desc ma GSS_C_MA_AUTH_INIT "auth-init-princ" ""
desc ma GSS_C_MA_AUTH_TARG "auth-targ-princ" ""
desc ma GSS_C_MA_AUTH_INIT_INIT "auth-init-princ-initial" ""
desc ma GSS_C_MA_AUTH_TARG_INIT "auth-targ-princ-initial" ""
desc ma GSS_C_MA_AUTH_INIT_ANON "auth-init-princ-anon" ""
desc ma GSS_C_MA_AUTH_TARG_ANON "auth-targ-princ-anon" ""
desc ma GSS_C_MA_DELEG_CRED "deleg-cred" ""
desc ma GSS_C_MA_INTEG_PROT "integ-prot" ""
desc ma GSS_C_MA_CONF_PROT "conf-prot" ""
desc ma GSS_C_MA_MIC "mic" ""
desc ma GSS_C_MA_WRAP "wrap" ""
desc ma GSS_C_MA_PROT_READY "prot-ready" ""
desc ma GSS_C_MA_REPLAY_DET "replay-detection" ""
desc ma GSS_C_MA_OOS_DET "oos-detection" ""
desc ma GSS_C_MA_CBINDINGS "channel-bindings" ""
desc ma GSS_C_MA_PFS "pfs" ""
desc ma GSS_C_MA_COMPRESS "compress" ""
desc ma GSS_C_MA_CTX_TRANS "context-transfer" ""
desc ma GSS_C_MA_NEGOEX_AND_SPNEGO "negoex-and-spnego" "Indicates that a mechanism supports both NegoEx and SPNEGO"
|