Diffstat (limited to 'crypto/heimdal/lib/asn1/pkinit.asn1')
-rw-r--r-- | crypto/heimdal/lib/asn1/pkinit.asn1 | 189 |
1 files changed, 0 insertions, 189 deletions
diff --git a/crypto/heimdal/lib/asn1/pkinit.asn1 b/crypto/heimdal/lib/asn1/pkinit.asn1
deleted file mode 100644
index 92c5de75daac6..0000000000000
--- a/crypto/heimdal/lib/asn1/pkinit.asn1
+++ /dev/null
@@ -1,189 +0,0 @@ -PKINIT DEFINITIONS ::= BEGIN - -IMPORTS EncryptionKey, PrincipalName, Realm, KerberosTime, TypedData - FROM krb5; -IMPORTS SignedData, EnvelopedData FROM CMS; -IMPORTS CertificateSerialNumber, AttributeTypeAndValue, Name FROM X509; - - --- 3.1 - -CertPrincipalName ::= SEQUENCE { - name-type[0] INTEGER, - name-string[1] SEQUENCE OF UTF8String -} - - --- 3.2.2 - - -TrustedCertifiers ::= SEQUENCE OF PrincipalName - -- X.500 name encoded as a principal name - -- see Section 3.1 -CertificateIndex ::= INTEGER - -- 0 = 1st certificate, - -- (in order of encoding) - -- 1 = 2nd certificate, etc - -PA-PK-AS-REP ::= CHOICE { - -- PA TYPE 15 - dhSignedData[0] SignedData, - -- Defined in CMS and used only with - -- Diffie-Hellman key exchange (if the - -- client public value was present in the - -- request). - -- This choice MUST be supported - -- by compliant implementations. - encKeyPack[1] EnvelopedData - -- Defined in CMS - -- The temporary key is encrypted - -- using the client public key - -- key - -- SignedReplyKeyPack, encrypted - -- with the temporary key, is also - -- included. -} - - - -KdcDHKeyInfo ::= SEQUENCE { - -- used only when utilizing Diffie-Hellman - nonce[0] INTEGER, - -- binds responce to the request - subjectPublicKey[2] BIT STRING - -- Equals public exponent (g^a mod p) - -- INTEGER encoded as payload of - -- BIT STRING -} - -ReplyKeyPack ::= SEQUENCE { - -- not used for Diffie-Hellman - replyKey[0] EncryptionKey, - -- used to encrypt main reply - -- ENCTYPE is at least as strong as - -- ENCTYPE of session key - nonce[1] INTEGER - -- binds response to the request - -- must be same as the nonce - -- passed in the PKAuthenticator -} - --- subjectAltName EXTENSION ::= { --- SYNTAX GeneralNames --- IDENTIFIED BY id-ce-subjectAltName --- } - -OtherName ::= SEQUENCE { - type-id OBJECT IDENTIFIER, - value[0] OCTET STRING --- value[0] EXPLICIT ANY DEFINED BY type-id -} - -GeneralName ::= CHOICE { - otherName [0] OtherName, - ... 
-} - -GeneralNames ::= SEQUENCE -- SIZE(1..MAX) - OF GeneralName - -KerberosName ::= SEQUENCE { - realm[0] Realm, - -- as defined in RFC 1510 - principalName[1] CertPrincipalName - -- defined above -} - - --- krb5 OBJECT IDENTIFIER ::= { --- iso (1) org (3) dod (6) internet (1) security (5) kerberosv5 (2) --- } - --- krb5PrincipalName OBJECT IDENTIFIER ::= { krb5 2 } - --- 3.2.1 - - -IssuerAndSerialNumber ::= SEQUENCE { - issuer Name, - serialNumber CertificateSerialNumber -} - -TrustedCas ::= CHOICE { - principalName[0] KerberosName, - -- as defined below - caName[1] Name, - -- fully qualified X.500 name - -- as defined by X.509 - issuerAndSerial[2] IssuerAndSerialNumber - -- Since a CA may have a number of - -- certificates, only one of which - -- a client trusts -} - -PA-PK-AS-REQ ::= SEQUENCE { - -- PA TYPE 14 - signedAuthPack[0] SignedData, - -- defined in CMS [11] - -- AuthPack (below) defines the data - -- that is signed - trustedCertifiers[1] SEQUENCE OF TrustedCas OPTIONAL, - -- CAs that the client trusts - kdcCert[2] IssuerAndSerialNumber OPTIONAL, - -- as defined in CMS [11] - -- specifies a particular KDC - -- certificate if the client - -- already has it; - encryptionCert[3] IssuerAndSerialNumber OPTIONAL - -- For example, this may be the - -- client's Diffie-Hellman - -- certificate, or it may be the - -- client's RSA encryption - -- certificate. 
-} - -PKAuthenticator ::= SEQUENCE { - kdcName[0] PrincipalName, - kdcRealm[1] Realm, - cusec[2] INTEGER, - -- for replay prevention as in RFC1510 - ctime[3] KerberosTime, - -- for replay prevention as in RFC1510 - nonce[4] INTEGER -} - --- This is the real definition of AlgorithmIdentifier --- AlgorithmIdentifier ::= SEQUENCE { --- algorithm ALGORITHM.&id, --- parameters ALGORITHM.&Type --- } -- as specified by the X.509 recommendation[10] - --- But we'll use this one instead: - -AlgorithmIdentifier ::= SEQUENCE { - algorithm OBJECT IDENTIFIER, - parameters CHOICE { - a INTEGER - } -} - - - -SubjectPublicKeyInfo ::= SEQUENCE { - algorithm AlgorithmIdentifier, - -- dhKeyAgreement - subjectPublicKey BIT STRING - -- for DH, equals - -- public exponent (INTEGER encoded - -- as payload of BIT STRING) -} -- as specified by the X.509 recommendation[10] - -AuthPack ::= SEQUENCE { - pkAuthenticator[0] PKAuthenticator, - clientPublicValue[1] SubjectPublicKeyInfo OPTIONAL - -- if client is using Diffie-Hellman - -- (ephemeral-ephemeral only) -} - - -END |