[−][src]Crate kerberos_asn1
Kerberos ASN1
This library defines the ASN1 structures used by the Kerberos protocol as Rust structs. Based in the red_asn1 library.
Each type defined in this library provides a method parse to parse
an array of bytes and create the type, and a method build to create
an array of bytes from the type and its values.
Examples
Decoding a string of Kerberos:
use kerberos_asn1::KerberosString; use red_asn1::Asn1Object; let raw_string = &[ 0x1b, 0x0e, 0x4b, 0x49, 0x4e, 0x47, 0x44, 0x4f, 0x4d, 0x2e, 0x48, 0x45, 0x41, 0x52, 0x54, 0x53, ]; let (rest_raw, kerberos_string) = KerberosString::parse(raw_string).unwrap(); assert_eq!("KINGDOM.HEARTS", kerberos_string);
References
Structs
| AdAndOr | (AD-AND-OR) Type of AuthorizationData. Defined in RFC4120, section 5.2.6.3. |
| AdKdcIssued | (AD-KDCIssued) Type of AuthorizationData. Defined in RFC4120, section 5.2.6.2. |
| ApRep | (AP-REP) Response to AP-REQ, sent when mutual authentication is selected. Defined in RFC4120, section 5.5.2. |
| ApReq | (AP-REQ) Message sent to the application server to authenticate the client. Defined in RFC4120, section 5.5.1. |
| AsRep | (AS-REP) Message returned by KDC in response to AS-REQ. |
| AsReq | (AS-REQ) Message used to request a TGT. |
| Authenticator | (Authenticator) Included in AP-REQ to certified the knowledge of the session key. Defined in RFC4120, section 5.5.1. |
| AuthorizationData | (AuthorizationData) Defined in RFC4120, section 5.2.6. |
| Checksum | (Checksum) Checksum of the related message. Defined in RFC4120, section 5.2.9. |
| EncApRepPart | (EncAPRepPart) Encrypted part of the message AP-REP. Defined in RFC4120, section 5.5.2. |
| EncAsRepPart | (EncAsRepPart) Holds the data that is encrypted in AsRep |
| EncKdcRepPart | (EncKdcRepPart) Holds the data that is encrypted in KdcRep |
| EncKrbCredPart | (EncKrbCredPart) The encrypted part of the KRB-CRED message. Defined in RFC4120, section 5.8.1. |
| EncKrbPrivPart | (EncKrbPrivPart) Encripted part of the KRB-PRIV message. Defined in RFC4120, section 5.7.1. |
| EncTgsRepPart | (EncTgsRepPart) Holds the data that is encrypted in TgsRep |
| EncTicketPart | (EncTicketPart) Encrypted part of a Ticket. Defined in RFC4120, section 5.3. |
| EncryptedData | (EncryptedData) Chunck of data that is encrypted in Kerberos exchanges. |
| EncryptionKey | (EncryptionKey) To represent the key of an encryption algorithm. |
| EtypeInfo2Entry | (ETYPE-INFO2-ENTRY) Give information about an encryption algorithm. |
| EtypeInfoEntry | (ETYPE-INFO-ENTRY) Entry of ETYPE-INFO. Defined RFC4120, section 5.2.7.4. |
| HostAddress | (HostAddress) Different types of addresses. |
| KdcReq | (KDC-REQ) Base for AS-REQ and TGS-REQ |
| KdcReqBody | (KDC-REQ-BODY) Holds the most part of data of requests. |
| KerbAdRestrictionEntry | (KERB-AD-RESTRICTION-ENTRY) Specify additional restrictions for the client. Defined in MS-KILE, section 2.2.6. |
| KerbErrorData | (KERB-ERROR-DATA) returned in e-data field of KRB-ERROR. Defined in MS-KILE, section 2.2.2. |
| KerbPaPacRequest | (KERB-PA-PAC-REQUEST) To indicate if PAC should be included in response. Defined in MS-KILE, section 2.2.3. |
| KerberosFlags | (KerberosFlags) Flags used for different entities. Defined in RFC4120, section 5.2.8. |
| KerberosTime | (KerberosTime) For time representations in Kerberos. |
| KrbCred | (KRB-CRED) Message used to send Kerberos credentials form one principal to another. Defined in RFC4120, section 5.8.1. |
| KrbCredInfo | (KrbCredInfo) Information of the ticket sent in EncKrbCredPart. Defined in RFC4120, section 5.8.1. |
| KrbError | (KRB-ERROR) Message used to indicate an error. Defined in RFC4120, section 5.9.1. |
| KrbPriv | (KRB-PRIV) To send a message securely and privately. Defined RFC4120, section 5.7.1. |
| KrbSafe | (KRB-SAFE) Used to send a tamper-proof message to a peer. Defined in RFC4120, section 5.6.1. |
| KrbSafeBody | (KRB-SAFE-BODY) Included in KRB-SAFE. Defined in RFC4120, section 5.6.1. |
| LastReqEntry | Entry of LastReq. Pseudotype defined in this library. Defined in RFC4120, 5.4.2. |
| PaData | (PA-DATA) Container that encapsules different types of preauthentication data structures. |
| PaEncTsEnc | (PA-ENC-TS-ENC) Timestamp that is encrypted with client Key. |
| PaForUser | (PA-FOR-USER) Used in S4U2Self, to specify user to impersonate. Defined in MS-SFU, section 2.2.1. |
| PaPacOptions | (PA-PAC-OPTIONS) To request options of the PAC. Defined in MS-KILE, section 2.2.10 and MS-SFU, section 2.2.5. |
| PaS4uX509User | (PA-S4U-X509-USER) Used in S4U2Self, to specify the user certificate. Defined MS-SFU, section 2.2.2. |
| PrincipalName | (PrincipalName) Name of some Kerberos entity. |
| S4uUserId | (S4UUserID) Used in PA-S4U-X509-USER, to specify the user certificate. Defined in MS-SFU, section 2.2.2. |
| TgsRep | (TGS-REP) Message returned by KDC in response to TGS-REQ. |
| TgsReq | (TGS-REQ) Message used to request a TGS. |
| Ticket | (Ticket) Represents a Kerberos ticket. |
| TransitedEncoding | (TransitedEncoding) Lists the names of the Kerberos realms that took part in the client authentication. Defined in RFC4120, section 5.3. |
| TypedDataEntry | Entry of TYPED-DATA. Pseudotype type defined in this library for implementation. |
Enums
| Error | Error in ASN1-DER parse/build operations |
| TagClass | Enum with the different tag classes |
Constants
| MAX_MICROSECONDS | |
| MIN_MICROSECONDS |
Traits
| Asn1Object | A trait to allow objects to be built/parsed from ASN1-DER |
Functions
| padd_netbios_string | Helper to add the correct padding to a NetBIOS Host-Address |
Type Definitions
| AdIfRelevant | (AD-IF-RELEVANT) Type of AuthorizationData. Defined in RFC4120, section 5.2.6.1. |
| AdMandatoryForKdc | (AD-MANDATORY-FOR-KDC) Type of AuthorizationData. Defined in RFC4120, section 5.2.6.4. |
| ApOptions | (ApOptions) Options used in AP-REQ. Defined in RFC4120, section 5.5.1. |
| EtypeInfo | (ETYPE-INFO) Sent in KRB-ERROR to require additional pre-authentication. Defined RFC4120, section 5.2.7.4. |
| EtypeInfo2 | (ETYPE-INFO2) Array of EtypeInfo2Entry that indicates the available encryption algorithms. |
| HostAddresses | (HostAddresses) Array of HostAddress |
| Int32 | (Int32) Kerberos i32. Defined in RFC4120, section 5.2.4. |
| KdcOptions | (KDCOptions) Options used in Kerberos requests. |
| KerbKeyListRep | (KERB-KEY-LIST-REP) Contains a list of key types the KDC has supplied to the client to support single sign-on capabilities in legacy protocols. Defined in MS-KILE, section 2.2.12. |
| KerbKeyListReq | (KERB-KEY-LIST-REQ) Used to request a list of key types the KDC can supply to the client to support single sign-on capabilities in legacy protocols. Defined in MS-KILE, section 2.2.11. |
| KerbLocal | (KERB-LOCAL) contain implementation-specific data used when the Kerberos client and application server are on the same host. Defined in MS-KILE, 2.2.4. |
| KerberosString | (KerberosString) String used in Kerberos. Defined in RFC4120, section 5.2.1. |
| LastReq | (LastReq) Register of time of a request to KDC. Defined in RFC4120, 5.4.2. |
| MethodData | (METHOD-DATA) Sequence of PA-DATA. Defined in RFC4120, section 5.9.1. |
| Microseconds | (Microseconds) Kerberos Microseconds. Defined in RFC4120, section 5.2.4. |
| PaEncTimestamp | (PA-ENC-TIMESTAMP) Encrypted PA-ENC-TS-ENC. Defined in RFC4120, section 5.2.7.2. |
| PaSupportedEnctypes | (PA-SUPPORTED-ENCTYPES) specify the encryption types supported. Defined in MS-KILE, section 2.2.8. |
| Realm | (Realm) Kerberos realm. |
| Result | Result that encapsulates the Error type of this library |
| TicketFlags | (TicketFlags) Flags for tickets. |
| TypedData | (TYPED-DATA) For add information to errors in KRB-ERROR. Defined in RFC4120, section 5.9.1. |
| UInt32 | (UInt32) Kerberos u32. Defined RFC4120, section 5.2.4. |