Crate kerberos_asn1


§Kerberos ASN1

This library defines the ASN1 structures used by the Kerberos protocol as Rust structs. Based on the red_asn1 library.

Each type defined in this library provides a method parse to parse an array of bytes and create the type, and a method build to create an array of bytes from the type and its values.

§Examples

Decoding a Kerberos string:

use kerberos_asn1::KerberosString;
use red_asn1::Asn1Object;

let raw_string = &[
    0x1b, 0x0e, 0x4b, 0x49, 0x4e, 0x47, 0x44, 0x4f, 0x4d, 0x2e,
    0x48, 0x45, 0x41, 0x52, 0x54, 0x53,
];
let (rest_raw, kerberos_string) = KerberosString::parse(raw_string).unwrap();

assert_eq!("KINGDOM.HEARTS", kerberos_string);  
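What those sixteen bytes contain, as an added std-only example that is not code from kerberos_asn1 or red_asn1: a hand-written DER reader for a GeneralString that returns the same (rest, value) shape and rejects truncated or non-minimal input. The names `parse_general_string` and `DerError` are hypothetical, and treating the content as UTF-8 is an assumption of this sketch.

```rust
// Added example (not crate code): std-only DER reader for a GeneralString.
#[derive(Debug, PartialEq)]
enum DerError {
    Truncated,         // input ends before the header or the declared content
    UnexpectedTag(u8), // first byte is not 0x1b (universal GeneralString)
    BadLength,         // indefinite, oversized or non-minimal length
    NotUtf8,           // content is not valid UTF-8 (assumption of this sketch)
}

/// Returns (unconsumed bytes, decoded string).
fn parse_general_string(raw: &[u8]) -> Result<(&[u8], String), DerError> {
    let (&tag, after_tag) = raw.split_first().ok_or(DerError::Truncated)?;
    if tag != 0x1b {
        return Err(DerError::UnexpectedTag(tag));
    }
    let (&first, mut body) = after_tag.split_first().ok_or(DerError::Truncated)?;
    let len = if first < 0x80 {
        first as usize // short form: the octet is the length
    } else {
        let n = (first & 0x7f) as usize; // long form: n length octets follow
        if n == 0 || n > 4 {
            return Err(DerError::BadLength);
        }
        if body.len() < n {
            return Err(DerError::Truncated);
        }
        let (len_bytes, tail) = body.split_at(n);
        body = tail;
        let len = len_bytes.iter().fold(0usize, |acc, b| (acc << 8) | *b as usize);
        // DER demands the shortest possible length encoding.
        if len < 0x80 || len_bytes[0] == 0 {
            return Err(DerError::BadLength);
        }
        len
    };
    // Never trust the declared length beyond what was actually received.
    if body.len() < len {
        return Err(DerError::Truncated);
    }
    let (content, rest) = body.split_at(len);
    let text = std::str::from_utf8(content).map_err(|_| DerError::NotUtf8)?;
    Ok((rest, text.to_string()))
}

fn main() {
    // Bytes copied from the example above: tag 0x1b, length 0x0e, 14 content bytes.
    let raw = [0x1b, 0x0e, 0x4b, 0x49, 0x4e, 0x47, 0x44, 0x4f, 0x4d, 0x2e,
               0x48, 0x45, 0x41, 0x52, 0x54, 0x53];
    println!("{:?}", parse_general_string(&raw));
}
```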

§References

Structs§

  • (AD-AND-OR) Type of AuthorizationData. Defined in RFC4120, section 5.2.6.3.
  • (AD-KDCIssued) Type of AuthorizationData. Defined in RFC4120, section 5.2.6.2.
  • (AP-REP) Response to AP-REQ, sent when mutual authentication is selected. Defined in RFC4120, section 5.5.2.
  • (AP-REQ) Message sent to the application server to authenticate the client. Defined in RFC4120, section 5.5.1.
  • (AS-REP) Message returned by KDC in response to AS-REQ.
  • (AS-REQ) Message used to request a TGT.
  • (Authenticator) Included in AP-REQ to certify knowledge of the session key. Defined in RFC4120, section 5.5.1.
  • Entry of the AuthorizationData
  • (Checksum) Checksum of the related message. Defined in RFC4120, section 5.2.9.
  • (EncAPRepPart) Encrypted part of the message AP-REP. Defined in RFC4120, section 5.5.2.
  • (EncAsRepPart) Holds the data that is encrypted in AsRep
  • (EncKdcRepPart) Holds the data that is encrypted in KdcRep
  • (EncKrbCredPart) The encrypted part of the KRB-CRED message. Defined in RFC4120, section 5.8.1.
  • (EncKrbPrivPart) Encrypted part of the KRB-PRIV message. Defined in RFC4120, section 5.7.1.
  • (EncTgsRepPart) Holds the data that is encrypted in TgsRep
  • (EncTicketPart) Encrypted part of a Ticket. Defined in RFC4120, section 5.3.
  • (EncryptedData) Chunk of data that is encrypted in Kerberos exchanges.
  • (EncryptionKey) To represent the key of an encryption algorithm.
  • (ETYPE-INFO2-ENTRY) Give information about an encryption algorithm.
  • (ETYPE-INFO-ENTRY) Entry of ETYPE-INFO. Defined in RFC4120, section 5.2.7.4.
  • (HostAddress) Different types of addresses.
  • (KDC-REQ) Base for AS-REQ and TGS-REQ
  • (KDC-REQ-BODY) Holds most of the data of requests.
  • (KERB-AD-RESTRICTION-ENTRY) Specify additional restrictions for the client. Defined in MS-KILE, section 2.2.6.
  • (KERB-ERROR-DATA) Returned in the e-data field of KRB-ERROR. Defined in MS-KILE, section 2.2.2.
  • (KERB-PA-PAC-REQUEST) To indicate if PAC should be included in response. Defined in MS-KILE, section 2.2.3.
  • (KerberosFlags) Flags used for different entities. Defined in RFC4120, section 5.2.8.
  • (KerberosTime) For time representations in Kerberos.
  • (KRB-CRED) Message used to send Kerberos credentials from one principal to another. Defined in RFC4120, section 5.8.1.
  • (KrbCredInfo) Information of the ticket sent in EncKrbCredPart. Defined in RFC4120, section 5.8.1.
  • (KRB-ERROR) Message used to indicate an error. Defined in RFC4120, section 5.9.1.
  • (KRB-PRIV) To send a message securely and privately. Defined in RFC4120, section 5.7.1.
  • (KRB-SAFE) Used to send a tamper-proof message to a peer. Defined in RFC4120, section 5.6.1.
  • (KRB-SAFE-BODY) Included in KRB-SAFE. Defined in RFC4120, section 5.6.1.
  • Entry of LastReq. Pseudotype defined in this library. Defined in RFC4120, 5.4.2.
  • (PA-DATA) Container that encapsulates different types of preauthentication data structures.
  • (PA-ENC-TS-ENC) Timestamp that is encrypted with client Key.
  • (PA-FOR-USER) Used in S4U2Self, to specify user to impersonate. Defined in MS-SFU, section 2.2.1.
  • (PA-PAC-OPTIONS) To request options of the PAC. Defined in MS-KILE, section 2.2.10 and MS-SFU, section 2.2.5.
  • (PA-S4U-X509-USER) Used in S4U2Self, to specify the user certificate. Defined in MS-SFU, section 2.2.2.
  • (PrincipalName) Name of some Kerberos entity.
  • (S4UUserID) Used in PA-S4U-X509-USER, to specify the user certificate. Defined in MS-SFU, section 2.2.2.
  • (TGS-REP) Message returned by KDC in response to TGS-REQ.
  • (TGS-REQ) Message used to request a TGS.
  • (Ticket) Represents a Kerberos ticket.
  • (TransitedEncoding) Lists the names of the Kerberos realms that took part in the client authentication. Defined in RFC4120, section 5.3.
  • Entry of TYPED-DATA. Pseudotype defined in this library for implementation.

Enums§

  • Error in ASN1-DER parse/build operations
  • Enum with the different tag classes

Constants§

Traits§

  • A trait to allow objects to be built/parsed from ASN1-DER

Functions§

Type Aliases§

  • (AD-IF-RELEVANT) Type of AuthorizationData. Defined in RFC4120, section 5.2.6.1.
  • (AD-MANDATORY-FOR-KDC) Type of AuthorizationData. Defined in RFC4120, section 5.2.6.4.
  • (ApOptions) Options used in AP-REQ. Defined in RFC4120, section 5.5.1.
  • (AuthorizationData) Defined in RFC4120, section 5.2.6.
  • (ETYPE-INFO) Sent in KRB-ERROR to require additional pre-authentication. Defined in RFC4120, section 5.2.7.4.
  • (ETYPE-INFO2) Array of EtypeInfo2Entry that indicates the available encryption algorithms.
  • (HostAddresses) Array of HostAddress
  • (Int32) Kerberos i32. Defined in RFC4120, section 5.2.4.
  • (KDCOptions) Options used in Kerberos requests.
  • (KERB-KEY-LIST-REP) Contains a list of key types the KDC has supplied to the client to support single sign-on capabilities in legacy protocols. Defined in MS-KILE, section 2.2.12.
  • (KERB-KEY-LIST-REQ) Used to request a list of key types the KDC can supply to the client to support single sign-on capabilities in legacy protocols. Defined in MS-KILE, section 2.2.11.
  • (KERB-LOCAL) Contains implementation-specific data used when the Kerberos client and application server are on the same host. Defined in MS-KILE, 2.2.4.
  • (KerberosString) String used in Kerberos. Defined in RFC4120, section 5.2.1.
  • (LastReq) Register of time of a request to KDC. Defined in RFC4120, 5.4.2.
  • (METHOD-DATA) Sequence of PA-DATA. Defined in RFC4120, section 5.9.1.
  • (Microseconds) Kerberos Microseconds. Defined in RFC4120, section 5.2.4.
  • (PA-ENC-TIMESTAMP) Encrypted PA-ENC-TS-ENC. Defined in RFC4120, section 5.2.7.2.
  • (PA-SUPPORTED-ENCTYPES) Specifies the encryption types supported. Defined in MS-KILE, section 2.2.8.
  • (Realm) Kerberos realm.
  • Result that encapsulates the Error type of this library
  • (TicketFlags) Flags for tickets.
  • (TYPED-DATA) To add information to errors in KRB-ERROR. Defined in RFC4120, section 5.9.1.
  • (UInt32) Kerberos u32. Defined in RFC4120, section 5.2.4.