kerberos_parser/
krb5_constants.rs

1// See https://www.iana.org/assignments/kerberos-parameters/kerberos-parameters.xhtml
2
3use std::fmt;
4
5/// Address type
6#[derive(Clone, Copy, PartialEq, Eq)]
7pub struct AddressType(pub i32);
8
9#[rustfmt::skip]
10impl AddressType {
11    pub const IPV4          : AddressType = AddressType(2);
12    pub const DIRECTIONAL   : AddressType = AddressType(3);
13    pub const CHAOSNET      : AddressType = AddressType(5);
14    pub const XNS           : AddressType = AddressType(6);
15    pub const ISO           : AddressType = AddressType(7);
16    pub const DECNET_P4     : AddressType = AddressType(12);
17    pub const APPLETALK_DDP : AddressType = AddressType(16);
18    pub const NETBIOS       : AddressType = AddressType(20);
19    pub const IPV6          : AddressType = AddressType(24);
20}
21
22impl fmt::Debug for AddressType {
23    #[rustfmt::skip]
24    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
25        match self.0 {
26            2  => f.write_str("IPv4"),
27            3  => f.write_str("Directional"),
28            5  => f.write_str("ChaosNet"),
29            6  => f.write_str("XNS"),
30            7  => f.write_str("ISO"),
31            12 => f.write_str("DECNET Phase IV"),
32            16 => f.write_str("Appletalk DDP"),
33            20 => f.write_str("Netbios"),
34            24 => f.write_str("IPv6"),
35            n  => f.debug_tuple("AddressType").field(&n).finish(),
36        }
37    }
38}
39
40/// Encryption type
41#[derive(Clone, Copy, PartialEq, Eq)]
42pub struct EncryptionType(pub i32);
43
44#[rustfmt::skip]
45impl EncryptionType {
46    pub const DES_CBC_CRC                  : EncryptionType = EncryptionType(1);
47    pub const DES_CBC_MD4                  : EncryptionType = EncryptionType(2);
48    pub const DES_CBC_MD5                  : EncryptionType = EncryptionType(3);
49    pub const DES3_CBC_MD5                 : EncryptionType = EncryptionType(5);
50    pub const DES3_CBC_SHA1                : EncryptionType = EncryptionType(7);
51    pub const DSAWITHSHA1_CMSOID           : EncryptionType = EncryptionType(9);
52    pub const MD5WITHRSAENCRYPTION_CMSOID  : EncryptionType = EncryptionType(10);
53    pub const SHA1WITHRSAENCRYPTION_CMSOID : EncryptionType = EncryptionType(11);
54    pub const RC2CBC_ENVOID                : EncryptionType = EncryptionType(12);
55    pub const RSAENCRYPTION_ENVOID         : EncryptionType = EncryptionType(13);
56    pub const RSAES_OAEP_ENV_OID           : EncryptionType = EncryptionType(14);
57    pub const DES_EDE3_CBC_ENV_OID         : EncryptionType = EncryptionType(15);
58    pub const DES3_CBC_SHA1_KD             : EncryptionType = EncryptionType(16);
59    pub const AES128_CTS_HMAC_SHA1_96      : EncryptionType = EncryptionType(17);
60    pub const AES256_CTS_HMAC_SHA1_96      : EncryptionType = EncryptionType(18);
61    pub const AES128_CTS_HMAC_SHA256_128   : EncryptionType = EncryptionType(19);
62    pub const AES256_CTS_HMAC_SHA384_192   : EncryptionType = EncryptionType(20);
63    pub const RC4_HMAC                     : EncryptionType = EncryptionType(23);
64    pub const RC4_HMAC_EXP                 : EncryptionType = EncryptionType(24);
65    pub const CAMELLIA128_CTS_CMAC         : EncryptionType = EncryptionType(25);
66    pub const CAMELLIA256_CTS_CMAC         : EncryptionType = EncryptionType(26);
67    pub const SUBKEY_KEYMATERIAL           : EncryptionType = EncryptionType(65);
68    // negative values
69    pub const RC4_MD4                      : EncryptionType = EncryptionType(-128);
70    pub const RC4_PLAIN2                   : EncryptionType = EncryptionType(-129);
71    pub const RC4_LM                       : EncryptionType = EncryptionType(-130);
72    pub const RC4_SHA                      : EncryptionType = EncryptionType(-131);
73    pub const DES_PLAIN                    : EncryptionType = EncryptionType(-132);
74    pub const RC4_HMAC_OLD                 : EncryptionType = EncryptionType(-133);
75    pub const RC4_PLAIN_OLD                : EncryptionType = EncryptionType(-134);
76    pub const RC4_HMAC_OLD_EXP             : EncryptionType = EncryptionType(-135);
77    pub const RC4_PLAIN_OLD_EXP            : EncryptionType = EncryptionType(-136);
78    pub const RC4_PLAIN                    : EncryptionType = EncryptionType(-140);
79    pub const RC4_PLAIN_EXP                : EncryptionType = EncryptionType(-141);
80}
81
82impl fmt::Debug for EncryptionType {
83    #[rustfmt::skip]
84    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
85        match self.0 {
86            1    => f.write_str("des-cbc-crc"),
87            2    => f.write_str("des-cbc-md4"),
88            3    => f.write_str("des-cbc-md5"),
89            5    => f.write_str("des3-cbc-md5"),
90            7    => f.write_str("des3-cbc-sha1"),
91            9    => f.write_str("dsaWithSHA1-CmsOID"),
92            10   => f.write_str("md5WithRSAEncryption-CmsOID"),
93            11   => f.write_str("sha1WithRSAEncryption-CmsOID"),
94            12   => f.write_str("rc2CBC-EnvOID"),
95            13   => f.write_str("rsaEncryption-EnvOID"),
96            14   => f.write_str("rsaES-OAEP-ENV-OID"),
97            15   => f.write_str("des-ede3-cbc-Env-OID"),
98            16   => f.write_str("des3-cbc-sha1-kd"),
99            17   => f.write_str("aes128-cts-hmac-sha1-96"),
100            18   => f.write_str("aes256-cts-hmac-sha1-96"),
101            19   => f.write_str("aes128-cts-hmac-sha256-128"),
102            20   => f.write_str("aes256-cts-hmac-sha384-192"),
103            23   => f.write_str("rc4-hmac"),
104            24   => f.write_str("rc4-hmac-exp"),
105            25   => f.write_str("camellia128-cts-cmac"),
106            26   => f.write_str("camellia256-cts-cmac"),
107            65   => f.write_str("subkey-keymaterial"),
108            // negative values
109            -128 => f.write_str("rc4-md4"),
110            -129 => f.write_str("rc4-plain2"),
111            -130 => f.write_str("rc4-lm"),
112            -131 => f.write_str("rc4-sha"),
113            -132 => f.write_str("des-plain"),
114            -133 => f.write_str("rc4-hmac-OLD"),
115            -134 => f.write_str("rc4-plain-OLD"),
116            -135 => f.write_str("rc4-hmac-OLD-exp"),
117            -136 => f.write_str("rc4-plain-OLD-exp"),
118            -140 => f.write_str("rc4-plain"),
119            -141 => f.write_str("rc4-plain-exp"),
120            n    => f.debug_tuple("EncryptionType").field(&n).finish(),
121        }
122    }
123}
124
125/// Message type
126#[derive(Clone, Copy, PartialEq, Eq)]
127pub struct MessageType(pub u32);
128
129#[rustfmt::skip]
130impl MessageType {
131    /// Request for initial authentication
132    pub const KRB_AS_REQ     : MessageType = MessageType(10);
133    /// Response to KRB_AS_REQ request
134    pub const KRB_AS_REP     : MessageType = MessageType(11);
135    /// Request for authentication based on TGT
136    pub const KRB_TGS_REQ    : MessageType = MessageType(12);
137    /// Response to KRB_TGS_REQ request
138    pub const KRB_TGS_REP    : MessageType = MessageType(13);
139    /// Application request to server
140    pub const KRB_AP_REQ     : MessageType = MessageType(14);
141    /// Response to KRB_AP_REQ_MUTUAL
142    pub const KRB_AP_REP     : MessageType = MessageType(15);
143    /// Reserved for user-to-user krb_tgt_request
144    pub const KRB_RESERVED16 : MessageType = MessageType(16);
145    /// Reserved for user-to-user krb_tgt_reply
146    pub const KRB_RESERVED17 : MessageType = MessageType(17);
147    /// Safe (checksummed) application message
148    pub const KRB_SAFE       : MessageType = MessageType(20);
149    /// Private (encrypted) application message
150    pub const KRB_PRIV       : MessageType = MessageType(21);
151    /// Private (encrypted) message to forward credentials
152    pub const KRB_CRED       : MessageType = MessageType(22);
153    /// Error response
154    pub const KRB_ERROR      : MessageType = MessageType(30);
155}
156
157impl fmt::Debug for MessageType {
158    #[rustfmt::skip]
159    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
160        match self.0 {
161            10 => f.write_str("KRB_AS_REQ"),
162            11 => f.write_str("KRB_AS_REP"),
163            12 => f.write_str("KRB_TGS_REQ"),
164            13 => f.write_str("KRB_TGS_REP"),
165            14 => f.write_str("KRB_AP_REQ"),
166            15 => f.write_str("KRB_AP_REP"),
167            16 => f.write_str("KRB_RESERVED16"),
168            17 => f.write_str("KRB_RESERVED17"),
169            20 => f.write_str("KRB_SAFE"),
170            21 => f.write_str("KRB_PRIV"),
171            22 => f.write_str("KRB_CRED"),
172            30 => f.write_str("KRB_ERROR"),
173            n  => f.debug_tuple("MessageType").field(&n).finish(),
174        }
175    }
176}
177
178/// Name type
179#[derive(Clone, Copy, PartialEq, Eq)]
180pub struct NameType(pub i32);
181
182#[rustfmt::skip]
183impl NameType {
184    /// Name type not known
185    pub const KRB_NT_UNKNOWN        : NameType = NameType(0);
186    /// Just the name of the principal as in DCE, or for users
187    pub const KRB_NT_PRINCIPAL      : NameType = NameType(1);
188    /// Service and other unique instance (krbtgt)
189    pub const KRB_NT_SRV_INST       : NameType = NameType(2);
190    /// Service with host name as instance (telnet, rcommands)
191    pub const KRB_NT_SRV_HST        : NameType = NameType(3);
192    /// Service with host as remaining components
193    pub const KRB_NT_SRV_XHST       : NameType = NameType(4);
194    /// Unique ID
195    pub const KRB_NT_UID            : NameType = NameType(5);
196    /// Encoded X.509 Distinguished name \[RFC2253\]
197    pub const KRB_NT_X500_PRINCIPAL : NameType = NameType(6);
198    /// Name in form of SMTP email name (e.g., user@example.com)
199    pub const KRB_NT_SMTP_NAME      : NameType = NameType(7);
200    /// Enterprise name; may be mapped to principal name
201    pub const KRB_NT_ENTERPRISE     : NameType = NameType(10);
202}
203
204impl fmt::Debug for NameType {
205    #[rustfmt::skip]
206    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
207        match self.0 {
208            0  => f.write_str("KRB_NT_UNKNOWN"),
209            1  => f.write_str("KRB_NT_PRINCIPAL"),
210            2  => f.write_str("KRB_NT_SRV_INST"),
211            3  => f.write_str("KRB_NT_SRV_HST"),
212            4  => f.write_str("KRB_NT_SRV_XHST"),
213            5  => f.write_str("KRB_NT_UID"),
214            6  => f.write_str("KRB_NT_X500_PRINCIPAL"),
215            7  => f.write_str("KRB_NT_SMTP_NAME"),
216            10 => f.write_str("KRB_NT_ENTERPRISE"),
217            n  => f.debug_tuple("NameType").field(&n).finish(),
218        }
219    }
220}
221
222/// PA-Data type
223#[derive(Clone, Copy, PartialEq, Eq)]
224pub struct PAType(pub i32);
225
226#[rustfmt::skip]
227impl PAType {
228    /// DER encoding of AP-REQ
229    pub const PA_TGS_REQ          : PAType = PAType(1);
230    /// DER encoding of PA-ENC-TIMESTAMP
231    pub const PA_ENC_TS           : PAType = PAType(2);
232    /// salt (not ASN.1 encoded)
233    pub const PA_PW_SALT          : PAType = PAType(3);
234    /// DER encoding of ETYPE-INFO
235    pub const PA_ETYPE_INFO       : PAType = PAType(11);
236    /// DER encoding of ETYPE-INFO2
237    pub const PA_ETYPE_INFO2      : PAType = PAType(19);
238    /// Windows PAC request
239    pub const PA_PAC_REQUEST      : PAType = PAType(128);
240    /// Support for FAST pre-auth mechanism
241    pub const PA_REQ_ENC_PA_REP   : PAType = PAType(149);
242}
243
244impl fmt::Debug for PAType {
245    #[rustfmt::skip]
246    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
247        match self.0 {
248            1   => f.write_str("pa-tgs-req"),
249            2   => f.write_str("pa-enc-timestamp"),
250            3   => f.write_str("pa-pw-salt"),
251            11  => f.write_str("pa-etype-info"),
252            19  => f.write_str("pa-etype-info2"),
253            128 => f.write_str("pa-pac-request"),
254            149 => f.write_str("pa-req-enc-pa-rep"),
255            n   => f.debug_tuple("PAType").field(&n).finish(),
256        }
257    }
258}