gssapi

package
v0.0.0-...-fc028b1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 31, 2017 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Overview

Generic Security Services Application Program Interface implementation required for SPNEGO kerberos authentication.

Index

Constants

View Source 
const (
	TOK_ID_KRB_AP_REQ = "0100"
	TOK_ID_KRB_AP_REP = "0200"
	TOK_ID_KRB_ERROR  = "0300"

	GSS_C_DELEG_FLAG    = 1
	GSS_C_MUTUAL_FLAG   = 2
	GSS_C_REPLAY_FLAG   = 4
	GSS_C_SEQUENCE_FLAG = 8
	GSS_C_CONF_FLAG     = 16
	GSS_C_INTEG_FLAG    = 32
)

Variables

View Source 
var MechTypeOID_Krb5 = asn1.ObjectIdentifier{1, 2, 840, 113554, 1, 2, 2}

MechType OID for Kerberos 5

View Source 
var MechTypeOID_MSLegacyKrb5 = asn1.ObjectIdentifier{1, 2, 840, 48018, 1, 2, 2}

MechType OID for MS legacy Kerberos 5

View Source 
var SPNEGO_OID = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 2}

Functions

func NewKRB5APREQMechToken 

func NewKRB5APREQMechToken(creds credentials.Credentials, tkt messages.Ticket, sessionKey types.EncryptionKey) ([]byte, error)

Create new kerberos AP_REQ MechToken

func UnmarshalNegToken 

func UnmarshalNegToken(b []byte) (bool, interface{}, error)

Unmarshal and return either a NegTokenInit or a NegTokenResp.

The boolean indicates if the response is a NegTokenInit. If error is nil and the boolean is false the response is a NegTokenResp.

Types

type ContextFlags 

type ContextFlags asn1.BitString

func NewContextFlags 

func NewContextFlags() ContextFlags

type MechToken 

type MechToken struct {
	OID      asn1.ObjectIdentifier
	TokID    []byte
	APReq    messages.APReq
	APRep    messages.APRep
	KRBError messages.KRBError
}

func (*MechToken) IsAPRep 

func (m *MechToken) IsAPRep() bool

func (*MechToken) IsAPReq 

func (m *MechToken) IsAPReq() bool

func (*MechToken) IsKRBError 

func (m *MechToken) IsKRBError() bool

func (*MechToken) Unmarshal 

func (m *MechToken) Unmarshal(b []byte) error

type NegTokenInit 

type NegTokenInit struct {
	MechTypes    []asn1.ObjectIdentifier `asn1:"explicit,tag:0"`
	ReqFlags     ContextFlags            `asn1:"explicit,optional,tag:1"`
	MechToken    []byte                  `asn1:"explicit,optional,tag:2"`
	MechTokenMIC []byte                  `asn1:"explicit,optional,tag:3"`
}

Negotiation Token - Init

func NewNegTokenInitKrb5 

func NewNegTokenInitKrb5(creds credentials.Credentials, tkt messages.Ticket, sessionKey types.EncryptionKey) (NegTokenInit, error)

Create new Init negotiation token for Kerberos 5

func (*NegTokenInit) Marshal 

func (n *NegTokenInit) Marshal() ([]byte, error)

Marshal an Init negotiation token

type NegTokenResp 

type NegTokenResp struct {
	NegState      asn1.Enumerated       `asn1:"explicit,tag:0"`
	SupportedMech asn1.ObjectIdentifier `asn1:"explicit,optional,tag:1"`
	ResponseToken []byte                `asn1:"explicit,optional,tag:2"`
	MechListMIC   []byte                `asn1:"explicit,optional,tag:3"`
}

Negotiation Token - Resp/Targ

func (*NegTokenResp) Marshal 

func (n *NegTokenResp) Marshal() ([]byte, error)

Marshal a Resp/Targ negotiation token

type NegTokenTarg 

type NegTokenTarg NegTokenResp

type SPNEGO 

type SPNEGO struct {
	Init         bool
	Resp         bool
	NegTokenInit NegTokenInit
	NegTokenResp NegTokenResp
}

func GetSPNEGOKrbNegTokenInit 

func GetSPNEGOKrbNegTokenInit(creds credentials.Credentials, tkt messages.Ticket, sessionKey types.EncryptionKey) (SPNEGO, error)

func (*SPNEGO) Marshal 

func (s *SPNEGO) Marshal() ([]byte, error)

Marshal SPNEGO negotiation token

func (*SPNEGO) Unmarshal 

func (s *SPNEGO) Unmarshal(b []byte) error

Unmarshal SPNEGO negotiation token

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.