Documentation
¶
Overview ¶
Package types provides Kerberos 5 data types.
Index ¶
- func GetPAEncTSEncAsnMarshalled() ([]byte, error)
- func GetPAPacReqAsnMarshalled(i bool) ([]byte, error)
- func HostAddressesContains(h []HostAddress, a HostAddress) bool
- func HostAddressesEqual(h, a []HostAddress) bool
- func IsFlagSet(f *asn1.BitString, i int) bool
- func NewKrbFlags() asn1.BitString
- func SetFlag(f *asn1.BitString, i int)
- func SetFlags(f *asn1.BitString, j []int)
- func UnsetFlag(f *asn1.BitString, i int)
- func UnsetFlags(f *asn1.BitString, j []int)
- type ADAndOr
- type ADIfRelevant
- type ADKDCIssued
- type ADMandatoryForKDC
- type AuthPack
- type Authenticator
- type AuthorizationData
- type AuthorizationDataEntry
- type Checksum
- type ETypeInfo
- type ETypeInfo2
- type ETypeInfo2Entry
- type ETypeInfoEntry
- type EncryptedData
- type EncryptionKey
- type HostAddress
- type HostAddresses
- type MethodData
- type PAData
- type PADataSequence
- type PAEncTSEnc
- type PAEncTimestamp
- type PAPacReq
- type PAReqEncPARep
- type PKAuthenticator
- type PrincipalName
- type TypedData
- type TypedDataSequence
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetPAEncTSEncAsnMarshalled ¶
GetPAEncTSEncAsnMarshalled returns the bytes of a PAEncTSEnc.
func GetPAPacReqAsnMarshalled ¶
GetPAPacReqAsnMarshalled returns the bytes of a PAPacReq.
func HostAddressesContains ¶
func HostAddressesContains(h []HostAddress, a HostAddress) bool
HostAddressesContains tests if a HostAddress is contained in a HostAddress slice.
func HostAddressesEqual ¶
func HostAddressesEqual(h, a []HostAddress) bool
HostAddressesEqual tests if two HostAddress slices are equal.
func NewKrbFlags ¶
NewKrbFlags returns an ASN1 BitString struct of the right size for KrbFlags.
func UnsetFlags ¶
UnsetFlags unsets flags in an ASN1 BitString.
Types ¶
type ADAndOr ¶
// ADAndOr models the RFC 4120 AD-AND-OR authorization data element
// (section 5.2.6.3).
type ADAndOr struct {
// ConditionCount is encoded under explicit context tag 0. Per RFC 4120 it is
// the number of enclosed elements that must be satisfied.
ConditionCount int32 `asn1:"explicit,tag:0"`
// Elements is the enclosed authorization data, under explicit context tag 1.
Elements AuthorizationData `asn1:"explicit,tag:1"`
}
ADAndOr implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.6.3
type ADIfRelevant ¶
// ADIfRelevant is a defined type whose underlying type is AuthorizationData.
// Per RFC 4120 section 5.2.6.1, elements wrapped in AD-IF-RELEVANT may be
// ignored by an application server that does not understand their ad-type.
type ADIfRelevant AuthorizationData
ADIfRelevant implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.6.1
type ADKDCIssued ¶
// ADKDCIssued models the RFC 4120 AD-KDCIssued authorization data element
// (section 5.2.6.2).
//
// NOTE(review): this page shows only decoding (Unmarshal) for this type.
// Whether ADChecksum is verified before Elements is trusted is not visible
// here; confirm that in the calling code.
type ADKDCIssued struct {
// ADChecksum is the checksum carried with the element (explicit tag 0).
ADChecksum Checksum `asn1:"explicit,tag:0"`
// IRealm is tagged optional, so it may be absent from the encoding.
IRealm string `asn1:"optional,generalstring,explicit,tag:1"`
// Isname is tagged optional, so it may be absent from the encoding.
Isname PrincipalName `asn1:"optional,explicit,tag:2"`
// Elements is the enclosed authorization data (explicit tag 3).
Elements AuthorizationData `asn1:"explicit,tag:3"`
}
ADKDCIssued implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.6.2
func (*ADKDCIssued) Unmarshal ¶
func (a *ADKDCIssued) Unmarshal(b []byte) error
Unmarshal bytes into the ADKDCIssued.
type ADMandatoryForKDC ¶
// ADMandatoryForKDC is a defined type whose underlying type is
// AuthorizationData. Per RFC 4120 section 5.2.6.4, a KDC that does not
// understand an element wrapped in AD-MANDATORY-FOR-KDC must reject the request.
type ADMandatoryForKDC AuthorizationData
ADMandatoryForKDC implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.6.4
type AuthPack ¶
// AuthPack shows no exported fields in this listing; NewAuthPack returns a
// value of this type built from a PKAuthenticator.
type AuthPack struct {
// contains filtered or unexported fields
}
AuthPack ::= SEQUENCE {
pkAuthenticator [0] PKAuthenticator,
clientPublicValue [1] SubjectPublicKeyInfo OPTIONAL,
-- Type SubjectPublicKeyInfo is defined in
-- [RFC3280].
-- Specifies Diffie-Hellman domain parameters
-- and the client’s public key value [IEEE1363].
-- The DH public key value is encoded as a BIT
-- STRING according to [RFC3279].
-- This field is present only if the client wishes
-- to use the Diffie-Hellman key agreement method.
supportedCMSTypes [2] SEQUENCE OF AlgorithmIdentifier
OPTIONAL,
-- Type AlgorithmIdentifier is defined in
-- [RFC3280].
-- List of CMS algorithm [RFC3370] identifiers
-- that identify key transport algorithms, or
-- content encryption algorithms, or signature
-- algorithms supported by the client in order of
-- (decreasing) preference.
clientDHNonce [3] DHNonce OPTIONAL,
-- Present only if the client indicates that it
-- wishes to reuse DH keys or to allow the KDC to
-- do so (see Section 3.2.3.1).
...
}
https://www.rfc-editor.org/rfc/pdfrfc/rfc4556.txt.pdf
func NewAuthPack ¶
func NewAuthPack(pk PKAuthenticator) (AuthPack, error)
NewAuthPack creates a new AuthPack from the PKAuthenticator provided.
type Authenticator ¶
// Authenticator models the RFC 4120 Authenticator (section 5.5.1). Fields
// tagged "optional" may be absent from a decoded message, so a zero value in
// Cksum, SubKey, SeqNumber or AuthorizationData can mean "not sent".
type Authenticator struct {
// AVNO is the authenticator version number (authenticator-vno in RFC 4120).
AVNO int `asn1:"explicit,tag:0"`
// CRealm is the client's realm, encoded as a GeneralString.
CRealm string `asn1:"generalstring,explicit,tag:1"`
// CName is the client's principal name.
CName PrincipalName `asn1:"explicit,tag:2"`
// Cksum is an optional checksum.
Cksum Checksum `asn1:"explicit,optional,tag:3"`
// Cusec and CTime together carry the client's timestamp; cusec is the
// microsecond part in RFC 4120.
Cusec int `asn1:"explicit,tag:4"`
CTime time.Time `asn1:"generalized,explicit,tag:5"`
// SubKey and SeqNumber are optional; GenerateSeqNumberAndSubKey sets both.
SubKey EncryptionKey `asn1:"explicit,optional,tag:6"`
SeqNumber int64 `asn1:"explicit,optional,tag:7"`
// AuthorizationData is optional authorization data supplied by the client.
AuthorizationData AuthorizationData `asn1:"explicit,optional,tag:8"`
}
Authenticator - A record containing information that can be shown to have been recently generated using the session key known only by the client and server. https://tools.ietf.org/html/rfc4120#section-5.5.1
func NewAuthenticator ¶
func NewAuthenticator(realm string, cname PrincipalName) (Authenticator, error)
NewAuthenticator creates a new Authenticator.
func (*Authenticator) GenerateSeqNumberAndSubKey ¶
func (a *Authenticator) GenerateSeqNumberAndSubKey(keyType int32, keySize int) error
GenerateSeqNumberAndSubKey sets the Authenticator's sequence number and subkey.
func (*Authenticator) Marshal ¶
func (a *Authenticator) Marshal() ([]byte, error)
Marshal the Authenticator.
func (*Authenticator) Unmarshal ¶
func (a *Authenticator) Unmarshal(b []byte) error
Unmarshal bytes into the Authenticator.
type AuthorizationData ¶
// AuthorizationData is a slice of AuthorizationDataEntry values, the Go form of
// the RFC 4120 AuthorizationData sequence (section 5.2.6).
type AuthorizationData []AuthorizationDataEntry
AuthorizationData implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.6
func (*AuthorizationData) Unmarshal ¶
func (a *AuthorizationData) Unmarshal(b []byte) error
Unmarshal bytes into the AuthorizationData.
type AuthorizationDataEntry ¶
// AuthorizationDataEntry is one element of an AuthorizationData sequence
// (RFC 4120 section 5.2.6).
type AuthorizationDataEntry struct {
// ADType identifies how ADData is to be interpreted.
ADType int32 `asn1:"explicit,tag:0"`
// ADData is kept as undecoded bytes; decoding it further is left to the
// consumer, according to ADType.
ADData []byte `asn1:"explicit,tag:1"`
}
AuthorizationDataEntry implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.6
func (*AuthorizationDataEntry) Unmarshal ¶
func (a *AuthorizationDataEntry) Unmarshal(b []byte) error
Unmarshal bytes into the AuthorizationDataEntry.
type Checksum ¶
// Checksum models the RFC 4120 Checksum type (section 5.2.9).
type Checksum struct {
// CksumType identifies the checksum algorithm.
CksumType int32 `asn1:"explicit,tag:0"`
// Checksum is the checksum value as raw bytes.
Checksum []byte `asn1:"explicit,tag:1"`
}
Checksum implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.9
type ETypeInfo ¶
// ETypeInfo is a slice of ETypeInfoEntry values (RFC 4120 section 5.2.7.4).
type ETypeInfo []ETypeInfoEntry
ETypeInfo implements RFC 4120 types: https://tools.ietf.org/html/rfc4120#section-5.2.7.4
type ETypeInfo2 ¶
// ETypeInfo2 is a slice of ETypeInfo2Entry values (RFC 4120 section 5.2.7.5).
type ETypeInfo2 []ETypeInfo2Entry
ETypeInfo2 implements RFC 4120 types: https://tools.ietf.org/html/rfc4120#section-5.2.7.5
func (*ETypeInfo2) Unmarshal ¶
func (a *ETypeInfo2) Unmarshal(b []byte) error
Unmarshal bytes into the ETypeInfo2
type ETypeInfo2Entry ¶
// ETypeInfo2Entry is one entry of an ETypeInfo2 sequence (RFC 4120 section
// 5.2.7.5).
type ETypeInfo2Entry struct {
// EType is the encryption type number.
EType int32 `asn1:"explicit,tag:0"`
// Salt is optional and is encoded as a GeneralString here, unlike the
// byte-slice salt of ETypeInfoEntry.
Salt string `asn1:"explicit,optional,generalstring,tag:1"`
// S2KParams is optional and kept as undecoded bytes.
S2KParams []byte `asn1:"explicit,optional,tag:2"`
}
ETypeInfo2Entry implements RFC 4120 types: https://tools.ietf.org/html/rfc4120#section-5.2.7.5
func (*ETypeInfo2Entry) Unmarshal ¶
func (a *ETypeInfo2Entry) Unmarshal(b []byte) error
Unmarshal bytes into the ETypeInfo2Entry
type ETypeInfoEntry ¶
// ETypeInfoEntry is one entry of an ETypeInfo sequence (RFC 4120 section
// 5.2.7.4).
type ETypeInfoEntry struct {
// EType is the encryption type number.
EType int32 `asn1:"explicit,tag:0"`
// Salt is optional and is carried as raw bytes.
Salt []byte `asn1:"explicit,optional,tag:1"`
}
ETypeInfoEntry implements RFC 4120 types: https://tools.ietf.org/html/rfc4120#section-5.2.7.4
func (*ETypeInfoEntry) Unmarshal ¶
func (a *ETypeInfoEntry) Unmarshal(b []byte) error
Unmarshal bytes into the ETypeInfoEntry
type EncryptedData ¶
// EncryptedData models the RFC 4120 EncryptedData type (section 5.2.9).
type EncryptedData struct {
// EType is the encryption type number the ciphertext was produced with.
EType int32 `asn1:"explicit,tag:0"`
// KVNO is the key version number; it is tagged optional, so a decoded zero
// can mean the field was not sent.
KVNO int `asn1:"explicit,optional,tag:1"`
// Cipher is the ciphertext as raw bytes.
Cipher []byte `asn1:"explicit,tag:2"`
}
EncryptedData implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.9
func (*EncryptedData) Marshal ¶
func (a *EncryptedData) Marshal() ([]byte, error)
Marshal the EncryptedData.
func (*EncryptedData) Unmarshal ¶
func (a *EncryptedData) Unmarshal(b []byte) error
Unmarshal bytes into the EncryptedData.
type EncryptionKey ¶
// EncryptionKey models the RFC 4120 EncryptionKey type (section 5.2.9).
type EncryptionKey struct {
// KeyType is the encryption type number the key belongs to.
KeyType int32 `asn1:"explicit,tag:0"`
// KeyValue is the raw key material. The `json:"-"` tag keeps it out of
// encoding/json output, so JSON-encoding a value that contains an
// EncryptionKey does not emit the key bytes. The tag has no effect on other
// output paths such as fmt's %v formatting.
KeyValue []byte `asn1:"explicit,tag:1" json:"-"`
}
EncryptionKey implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.9 AKA KeyBlock
func GenerateEncryptionKey ¶
func GenerateEncryptionKey(etype etype.EType) (EncryptionKey, error)
GenerateEncryptionKey creates a new EncryptionKey with a random key value.
func (*EncryptionKey) Unmarshal ¶
func (a *EncryptionKey) Unmarshal(b []byte) error
Unmarshal bytes into the EncryptionKey.
type HostAddress ¶
// HostAddress models the RFC 4120 HostAddress type (section 5.2.5).
type HostAddress struct {
// AddrType identifies the address family of Address.
AddrType int32 `asn1:"explicit,tag:0"`
// Address is the address as raw bytes; GetAddress renders it as a string.
Address []byte `asn1:"explicit,tag:1"`
}
HostAddress implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.5
func GetHostAddress ¶
func GetHostAddress(s string) (HostAddress, error)
GetHostAddress returns a HostAddress struct from a string in the format <hostname>:<port>
func HostAddressFromNetIP ¶
func HostAddressFromNetIP(ip net.IP) HostAddress
HostAddressFromNetIP returns a HostAddress type from a net.IP
func (*HostAddress) Equal ¶
func (h *HostAddress) Equal(a HostAddress) bool
Equal tests if the HostAddress is equal to another HostAddress provided.
func (*HostAddress) GetAddress ¶
func (h *HostAddress) GetAddress() (string, error)
GetAddress returns a string representation of the HostAddress.
type HostAddresses ¶
// HostAddresses is a slice of HostAddress values (RFC 4120 section 5.2.5).
type HostAddresses []HostAddress
HostAddresses implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.5
func HostAddressesFromNetIPs ¶
func HostAddressesFromNetIPs(ips []net.IP) (ha HostAddresses)
HostAddressesFromNetIPs returns a HostAddresses type from a slice of net.IP
func LocalHostAddresses ¶
func LocalHostAddresses() (ha HostAddresses, err error)
LocalHostAddresses returns a HostAddresses struct for the local machine's interface IP addresses.
func (*HostAddresses) Contains ¶
func (h *HostAddresses) Contains(a HostAddress) bool
Contains tests if a HostAddress is contained within the HostAddresses struct.
func (*HostAddresses) Equal ¶
func (h *HostAddresses) Equal(a []HostAddress) bool
Equal tests if a HostAddress slice is equal to the HostAddresses struct.
type MethodData ¶
// MethodData is a slice of PAData values (METHOD-DATA, RFC 4120 section 5.9.1).
type MethodData []PAData
MethodData implements RFC 4120 types: https://tools.ietf.org/html/rfc4120#section-5.9.1
type PAData ¶
// PAData models the RFC 4120 PA-DATA type (section 5.2.7). Its context tags
// start at 1, not 0, which is how RFC 4120 defines PA-DATA.
type PAData struct {
// PADataType identifies how PADataValue is to be interpreted.
PADataType int32 `asn1:"explicit,tag:1"`
// PADataValue is kept as undecoded bytes; GetETypeInfo and GetETypeInfo2
// decode it for those pre-authentication data types.
PADataValue []byte `asn1:"explicit,tag:2"`
}
PAData implements RFC 4120 types: https://tools.ietf.org/html/rfc4120#section-5.2.7
func (*PAData) GetETypeInfo ¶
GetETypeInfo returns an ETypeInfo from the PAData.
func (*PAData) GetETypeInfo2 ¶
func (pa *PAData) GetETypeInfo2() (d ETypeInfo2, err error)
GetETypeInfo2 returns an ETypeInfo2 from the PAData.
type PADataSequence ¶
// PADataSequence is a slice of PAData values (RFC 4120 section 5.2.7).
type PADataSequence []PAData
PADataSequence implements RFC 4120 types: https://tools.ietf.org/html/rfc4120#section-5.2.7
func (*PADataSequence) Contains ¶
func (pas *PADataSequence) Contains(patype int32) bool
Contains tests if a PADataSequence contains PA Data of a certain type.
func (*PADataSequence) Unmarshal ¶
func (pas *PADataSequence) Unmarshal(b []byte) error
Unmarshal bytes into the PADataSequence
type PAEncTSEnc ¶
// PAEncTSEnc models the RFC 4120 PA-ENC-TS-ENC type (section 5.2.7.2), the
// timestamp used for encrypted-timestamp pre-authentication.
type PAEncTSEnc struct {
// PATimestamp is the client's time, encoded as a GeneralizedTime.
PATimestamp time.Time `asn1:"generalized,explicit,tag:0"`
// PAUSec is the optional microsecond part of the timestamp.
PAUSec int `asn1:"explicit,optional,tag:1"`
}
PAEncTSEnc implements RFC 4120 types: https://tools.ietf.org/html/rfc4120#section-5.2.7.2
func (*PAEncTSEnc) Unmarshal ¶
func (pa *PAEncTSEnc) Unmarshal(b []byte) error
Unmarshal bytes into the PAEncTSEnc
type PAEncTimestamp ¶
// PAEncTimestamp is a defined type whose underlying type is EncryptedData, so
// it has the same EType, KVNO and Cipher fields (RFC 4120 section 5.2.7.2).
type PAEncTimestamp EncryptedData
PAEncTimestamp implements RFC 4120 types: https://tools.ietf.org/html/rfc4120#section-5.2.7.2
func (*PAEncTimestamp) Unmarshal ¶
func (pa *PAEncTimestamp) Unmarshal(b []byte) error
Unmarshal bytes into the PAEncTimestamp
type PAPacReq ¶
// PAPacReq shows no exported fields in this listing.
// NOTE(review): GetPAPacReqAsnMarshalled(i bool) presumably encodes one with
// include-pac set to i; confirm against the function's source.
type PAPacReq struct {
// contains filtered or unexported fields
}
KERB-PA-PAC-REQUEST ::= SEQUENCE {
include-pac[0] BOOLEAN --If TRUE, and no pac present, include PAC.
--If FALSE, and PAC present, remove PAC
}
type PAReqEncPARep ¶
// PAReqEncPARep is a pre-authentication data value made of a checksum type and
// a checksum.
type PAReqEncPARep struct {
// ChksumType identifies the checksum algorithm.
ChksumType int32 `asn1:"explicit,tag:0"`
// Chksum is the checksum value as raw bytes.
Chksum []byte `asn1:"explicit,tag:1"`
}
PAReqEncPARep PA Data Type
func (*PAReqEncPARep) Unmarshal ¶
func (pa *PAReqEncPARep) Unmarshal(b []byte) error
Unmarshal bytes into the PAReqEncPARep
type PKAuthenticator ¶
// PKAuthenticator models the RFC 4556 PKAuthenticator quoted on this page.
// The exported fields use context tags 0, 1 and 3. The quoted ASN.1 places
// nonce at [2]; presumably it is one of the unexported fields (TODO confirm).
type PKAuthenticator struct {
// Cusec and CTime carry the client's timestamp, used for replay prevention
// according to the quoted ASN.1.
Cusec int `asn1:"explicit,tag:0"`
CTime time.Time `asn1:"generalized,explicit,tag:1"`
// Cksum corresponds to paChecksum, a SHA1 checksum over KDC-REQ-BODY per the
// quoted ASN.1. The struct tag marks it optional, so decoding accepts a
// message without it even though the ASN.1 comment says it MUST be present.
// NOTE(review): confirm where an empty Cksum is rejected.
Cksum []byte `asn1:"explicit,optional,tag:3"`
// contains filtered or unexported fields
}
PKAuthenticator ::= SEQUENCE {
cusec [0] INTEGER (0..999999),
ctime [1] KerberosTime,
-- cusec and ctime are used as in [RFC4120], for
-- replay prevention.
nonce [2] INTEGER (0..4294967295),
-- Chosen randomly; this nonce does not need to
-- match with the nonce in the KDC-REQ-BODY.
paChecksum [3] OCTET STRING OPTIONAL,
-- MUST be present.
-- Contains the SHA1 checksum, performed over
-- KDC-REQ-BODY.
...
}
https://www.rfc-editor.org/rfc/pdfrfc/rfc4556.txt.pdf
func NewPKAuthenticator ¶
func NewPKAuthenticator() (PKAuthenticator, error)
NewPKAuthenticator creates a new PKAuthenticator.
type PrincipalName ¶
// PrincipalName models the RFC 4120 PrincipalName type (section 5.2.2).
type PrincipalName struct {
// NameType is the name type number; ParseSPNString sets it to
// KRB_NT_PRINCIPAL (1).
NameType int32 `asn1:"explicit,tag:0"`
// NameString holds the name components, each encoded as a GeneralString.
NameString []string `asn1:"generalstring,explicit,tag:1"`
}
PrincipalName implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.2
func NewPrincipalName ¶
func NewPrincipalName(ntype int32, spn string) PrincipalName
NewPrincipalName creates a new PrincipalName from the name type int32 and name string provided.
func ParseSPNString ¶
func ParseSPNString(spn string) (pn PrincipalName, realm string)
ParseSPNString will parse a string in the format <service>/<name>@<realm>. A PrincipalName type will be returned with the name type set to KRB_NT_PRINCIPAL(1), and the realm will be returned as a string. If the "@<realm>" suffix is not included in the SPN, then the value of the realm string returned will be "".
func (PrincipalName) Equal ¶
func (pn PrincipalName) Equal(n PrincipalName) bool
Equal tests if the PrincipalName is equal to the one provided.
func (PrincipalName) GetSalt ¶
func (pn PrincipalName) GetSalt(realm string) string
GetSalt returns a salt derived from the PrincipalName.
func (PrincipalName) PrincipalNameString ¶
func (pn PrincipalName) PrincipalNameString() string
PrincipalNameString returns the PrincipalName in string form.
type TypedData ¶
// TypedData models one element of the RFC 4120 TYPED-DATA sequence (section
// 5.9.1).
type TypedData struct {
// DataType identifies how DataValue is to be interpreted.
DataType int32 `asn1:"explicit,tag:0"`
// DataValue is optional and kept as undecoded bytes.
DataValue []byte `asn1:"optional,explicit,tag:1"`
}
TypedData implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.9.1
type TypedDataSequence ¶
// TypedDataSequence is a slice of TypedData values (TYPED-DATA, RFC 4120
// section 5.9.1).
type TypedDataSequence []TypedData
TypedDataSequence implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.9.1
func (*TypedDataSequence) Unmarshal ¶
func (a *TypedDataSequence) Unmarshal(b []byte) error
Unmarshal bytes into the TypedDataSequence.