Add asn1c generated code for keytab controls

Instead of manually encoding controls, use an actual asn1 compiler.
The file asn1/asn1c/ipa.asn1 will contain ipa modules. The generated code
is committed to the tree and built into a static library that is linked
to the code that uses it.

The first module implements the GetKeytabControl control.

Related:
https://fedorahosted.org/freeipa/ticket/4718
https://fedorahosted.org/freeipa/ticket/4728

Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>

1 files changed, 37 insertions, 0 deletions

diff --git a/asn1/asn1c/ipa.asn1 b/asn1/asn1c/ipa.asn1
new file mode 100644
index 000000000..a18488ed3
--- /dev/null
+++ b/asn1/asn1c/ipa.asn1
@@ -0,0 +1,37 @@
+KeytabModule DEFINITIONS ::= BEGIN
+
+    Int32 ::= INTEGER (-2147483648..2147483647)
+    -- signed values representable in 32 bits (from RFC4120)
+
+    GetKeytabControl ::= CHOICE {
+        newkeys     [0] GKNewKeys,
+        curkeys     [1] GKCurrentKeys,
+        reply       [2] GKReply
+    }
+
+    GKNewKeys ::= SEQUENCE {
+        serviceIdentity [0] OCTET STRING,
+        enctypes        [1] SEQUENCE OF Int32,
+        password        [2] OCTET STRING OPTIONAL
+    }
+
+    GKCurrentKeys ::= SEQUENCE {
+        serviceIdentity [0] OCTET STRING
+    }
+
+    GKReply ::= SEQUENCE {
+        newkvno     Int32,
+        keys        SEQUENCE OF KrbKey
+    }
+
+    KrbKey ::= SEQUENCE {
+        key         [0] TypeValuePair,
+        salt        [1] TypeValuePair OPTIONAL,
+        s2kparams   [2] OCTET STRING OPTIONAL
+    }
+
+    TypeValuePair ::= SEQUENCE {
+        type    [0] Int32,
+        value   [1] OCTET STRING
+    }
+END