spnego

package

v1.0.0 Latest Latest Go to latest Published: Apr 30, 2024 License: MIT Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/oiweiwei/go-msrpc

Links

Open Source Insights

Documentation ¶

Overview ¶

spnego package implements the SPNEGO security service client.

This package also contains client-side GSSAPI bindings (InitSecurityContext, Wrap, Unwrap and so on).

Index ¶

Constants
Variables
type Authentifier
type Config
- func (Config) Type() gssapi.OID
type Mechanism
type NegTokenInit
- func (tok *NegTokenInit) Marshal(ctx context.Context) ([]byte, error)
- func (tok *NegTokenInit) Unmarshal(ctx context.Context, b []byte) error
type NegTokenResp
- func (tok *NegTokenResp) Marshal(ctx context.Context) ([]byte, error)
- func (tok *NegTokenResp) Unmarshal(ctx context.Context, b []byte) error
type State

Constants ¶

View Source

const Application = 1 << 6

View Source

const (
	HintName = "not_defined_in_RFC4178@please_ignore"
)

Variables ¶

View Source

var (
	ErrReject = errors.New("spnego: rejected")
)

View Source

var (
	MechanismTypeSPNEGO = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 2}
)

Functions ¶

This section is empty.

Types ¶

type Authentifier ¶

type Authentifier struct {
	// The authentifier configuration.
	*Config
	// The selected mechanism.
	Mechanism gssapi.Mechanism
	// The retrieved Mechanism List.
	RetrievedMechanismList []asn1.ObjectIdentifier
	// Require mechanism list MIC.
	RequireMechanismListMIC bool
}

func (*Authentifier) IsNegTokenInit ¶

func (a *Authentifier) IsNegTokenInit(ctx context.Context, b []byte) bool

func (*Authentifier) MakeMechanismList ¶

func (a *Authentifier) MakeMechanismList(ctx context.Context) []asn1.ObjectIdentifier

func (*Authentifier) Negotiate ¶

func (a *Authentifier) Negotiate(ctx context.Context) ([]byte, error)

func (*Authentifier) Respond ¶

func (a *Authentifier) Respond(ctx context.Context, b []byte) ([]byte, error)

func (*Authentifier) SelectMechanism ¶

func (a *Authentifier) SelectMechanism(ctx context.Context, oid gssapi.OID) gssapi.Mechanism

type Config ¶

type Config struct {
	// The services available.
	Capabilities gssapi.Cap
	// The list of negotiated mechanisms.
	MechanismsList []gssapi.MechanismFactory
}

func (Config) Type ¶

func (Config) Type() gssapi.OID

The configuration type.

type Mechanism ¶

type Mechanism struct {
	*Authentifier
}

func (*Mechanism) Accept ¶

func (m *Mechanism) Accept(ctx context.Context, tok *gssapi.Token) (*gssapi.Token, error)

func (Mechanism) DefaultConfig ¶

func (Mechanism) DefaultConfig(ctx context.Context) (gssapi.MechanismConfig, error)

func (*Mechanism) Init ¶

func (m *Mechanism) Init(ctx context.Context, tok *gssapi.Token) (*gssapi.Token, error)

func (*Mechanism) MakeSignature ¶

func (m *Mechanism) MakeSignature(ctx context.Context, tok *gssapi.MessageToken) (*gssapi.MessageToken, error)

MakeSignature function.

func (*Mechanism) MakeSignatureEx ¶

func (m *Mechanism) MakeSignatureEx(ctx context.Context, tok *gssapi.MessageTokenEx) (*gssapi.MessageTokenEx, error)

MakeSignatureEx function.

func (Mechanism) New ¶

func (Mechanism) New(ctx context.Context) (gssapi.Mechanism, error)

func (Mechanism) Type ¶

func (Mechanism) Type() gssapi.OID

func (*Mechanism) Unwrap ¶

func (m *Mechanism) Unwrap(ctx context.Context, tok *gssapi.MessageToken) (*gssapi.MessageToken, error)

Unwrap function.

func (*Mechanism) UnwrapEx ¶

func (m *Mechanism) UnwrapEx(ctx context.Context, tok *gssapi.MessageTokenEx) (*gssapi.MessageTokenEx, error)

UnwrapEx function.

func (*Mechanism) VerifySignature ¶

func (m *Mechanism) VerifySignature(ctx context.Context, tok *gssapi.MessageToken) error

VerifySignature function.

func (*Mechanism) VerifySignatureEx ¶

func (m *Mechanism) VerifySignatureEx(ctx context.Context, tok *gssapi.MessageTokenEx) error

VerifySignatureEx function.

func (*Mechanism) Wrap ¶

func (m *Mechanism) Wrap(ctx context.Context, tok *gssapi.MessageToken) (*gssapi.MessageToken, error)

Wrap function.

func (*Mechanism) WrapEx ¶

func (m *Mechanism) WrapEx(ctx context.Context, tok *gssapi.MessageTokenEx) (*gssapi.MessageTokenEx, error)

WrapEx function.

func (*Mechanism) WrapSizeLimit ¶

func (m *Mechanism) WrapSizeLimit(ctx context.Context, sz int, conf bool) int

type NegTokenInit ¶

type NegTokenInit struct {
	// This field contains one or more security mechanisms
	// available for the initiator, in decreasing preference order
	// (favorite choice first).
	MechTypes []asn1.ObjectIdentifier
	// This field, if present, contains the service options that are
	// requested to establish the context.
	ReqFlags asn1.BitString
	// This field, if present, contains the optimistic mechanism token.
	MechToken []byte
	// This field, if present, contains an MIC token for the mechanism
	// list in the initial negotiation message.
	MechTokenMIC []byte
	// Negotiate hints.
	HintName string
	// Hint address.
	HintAddress []byte
}

The negotiate token initialization message.

func (*NegTokenInit) Marshal ¶

func (tok *NegTokenInit) Marshal(ctx context.Context) ([]byte, error)

Marshal function marshals the negotiate token initialization.

func (*NegTokenInit) Unmarshal ¶

func (tok *NegTokenInit) Unmarshal(ctx context.Context, b []byte) error

Unmarshal function unmarshals the negotiate token initialization.

type NegTokenResp ¶

type NegTokenResp struct {
	// This field, if present, contains the state of the negotiation.
	State State
	// This field SHALL only be present in the first reply from the
	// target. It MUST be one of the mechanism(s) offered by the initiator.
	SupportedMech asn1.ObjectIdentifier
	// This field, if present, contains tokens specific to the mechanism
	// selected.
	ResponseToken []byte
	// This field, if present, contains an MIC token for the mechanism
	// list in the initial negotiation message.
	MechListMIC []byte
}

The negotiate token response.

func (*NegTokenResp) Marshal ¶

func (tok *NegTokenResp) Marshal(ctx context.Context) ([]byte, error)

Marshal function marshals the negotiate token response.

func (*NegTokenResp) Unmarshal ¶

func (tok *NegTokenResp) Unmarshal(ctx context.Context, b []byte) error

Unmarshal function unmarshals the negotiate token response.

type State ¶

type State int

The negotiation state.

var (
	// No further negotiation message from the peer is expected,
	// and the security context is established for the sender.
	AcceptCompleted State = 0
	// At least one additional negotiation message from the peer is
	// needed to establish the security context.
	AcceptIncomplete State = 1
	// The sender terminates the negotiation.
	Reject State = 2
	// The sender indicates that the exchange of MIC tokens will be
	// REQUIRED if per-message integrity services are available on the
	// mechanism context to be established.
	//
	// This value SHALL only be present in the first reply from the target.
	RequestMIC State = 3
)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL