Crate kerberos_asn1
Kerberos ASN1
This library defines the ASN1 structures used by the Kerberos protocol as Rust structs. Based on the red_asn1 library.
Each type defined in this library provides a method parse to parse an array of bytes and create the type, and a method build to create an array of bytes from the type and its values.
Examples
Decoding a string of Kerberos:
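use kerberos_asn1::KerberosString;
use red_asn1::Asn1Object;

// DER encoding: tag 0x1b (GeneralString), length 0x0e (14), then the string bytes
let raw_string = &[
    0x1b, 0x0e, 0x4b, 0x49, 0x4e, 0x47, 0x44, 0x4f,
    0x4d, 0x2e, 0x48, 0x45, 0x41, 0x52, 0x54, 0x53,
];

// parse returns the unconsumed bytes together with the decoded value
let (rest_raw, kerberos_string) = KerberosString::parse(raw_string).unwrap();
assert_eq!("KINGDOM.HEARTS", kerberos_string);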
References
Structs
AdAndOr | (AD-AND-OR) Type of AuthorizationData. Defined in RFC4120, section 5.2.6.3. |
AdKdcIssued | (AD-KDCIssued) Type of AuthorizationData. Defined in RFC4120, section 5.2.6.2. |
ApRep | (AP-REP) Response to AP-REQ, sent when mutual authentication is selected. Defined in RFC4120, section 5.5.2. |
ApReq | (AP-REQ) Message sent to the application server to authenticate the client. Defined in RFC4120, section 5.5.1. |
AsRep | (AS-REP) Message returned by KDC in response to AS-REQ. |
AsReq | (AS-REQ) Message used to request a TGT. |
Authenticator | (Authenticator) Included in AP-REQ to certify knowledge of the session key. Defined in RFC4120, section 5.5.1. |
AuthorizationDataEntry | Entry of the AuthorizationData |
Checksum | (Checksum) Checksum of the related message. Defined in RFC4120, section 5.2.9. |
EncApRepPart | (EncAPRepPart) Encrypted part of the message AP-REP. Defined in RFC4120, section 5.5.2. |
EncAsRepPart | (EncAsRepPart) Holds the data that is encrypted in AsRep |
EncKdcRepPart | (EncKdcRepPart) Holds the data that is encrypted in KdcRep |
EncKrbCredPart | (EncKrbCredPart) The encrypted part of the KRB-CRED message. Defined in RFC4120, section 5.8.1. |
EncKrbPrivPart | (EncKrbPrivPart) Encrypted part of the KRB-PRIV message. Defined in RFC4120, section 5.7.1. |
EncTgsRepPart | (EncTgsRepPart) Holds the data that is encrypted in TgsRep |
EncTicketPart | (EncTicketPart) Encrypted part of a Ticket. Defined in RFC4120, section 5.3. |
EncryptedData | (EncryptedData) Chunk of data that is encrypted in Kerberos exchanges. |
EncryptionKey | (EncryptionKey) To represent the key of an encryption algorithm. |
EtypeInfo2Entry | (ETYPE-INFO2-ENTRY) Give information about an encryption algorithm. |
EtypeInfoEntry | (ETYPE-INFO-ENTRY) Entry of ETYPE-INFO. Defined in RFC4120, section 5.2.7.4. |
HostAddress | (HostAddress) Different types of addresses. |
KdcReq | (KDC-REQ) Base for AS-REQ and TGS-REQ |
KdcReqBody | (KDC-REQ-BODY) Holds most of the data of requests. |
KerbAdRestrictionEntry | (KERB-AD-RESTRICTION-ENTRY) Specify additional restrictions for the client. Defined in MS-KILE, section 2.2.6. |
KerbErrorData | (KERB-ERROR-DATA) Returned in the e-data field of KRB-ERROR. Defined in MS-KILE, section 2.2.2. |
KerbPaPacRequest | (KERB-PA-PAC-REQUEST) To indicate if PAC should be included in response. Defined in MS-KILE, section 2.2.3. |
KerberosFlags | (KerberosFlags) Flags used for different entities. Defined in RFC4120, section 5.2.8. |
KerberosTime | (KerberosTime) For time representations in Kerberos. |
KrbCred | (KRB-CRED) Message used to send Kerberos credentials from one principal to another. Defined in RFC4120, section 5.8.1. |
KrbCredInfo | (KrbCredInfo) Information of the ticket sent in EncKrbCredPart. Defined in RFC4120, section 5.8.1. |
KrbError | (KRB-ERROR) Message used to indicate an error. Defined in RFC4120, section 5.9.1. |
KrbPriv | (KRB-PRIV) To send a message securely and privately. Defined in RFC4120, section 5.7.1. |
KrbSafe | (KRB-SAFE) Used to send a tamper-proof message to a peer. Defined in RFC4120, section 5.6.1. |
KrbSafeBody | (KRB-SAFE-BODY) Included in KRB-SAFE. Defined in RFC4120, section 5.6.1. |
LastReqEntry | Entry of LastReq. Pseudotype defined in this library. Defined in RFC4120, 5.4.2. |
PaData | (PA-DATA) Container that encapsulates different types of preauthentication data structures. |
PaEncTsEnc | (PA-ENC-TS-ENC) Timestamp that is encrypted with client Key. |
PaForUser | (PA-FOR-USER) Used in S4U2Self, to specify user to impersonate. Defined in MS-SFU, section 2.2.1. |
PaPacOptions | (PA-PAC-OPTIONS) To request options of the PAC. Defined in MS-KILE, section 2.2.10 and MS-SFU, section 2.2.5. |
PaS4uX509User | (PA-S4U-X509-USER) Used in S4U2Self, to specify the user certificate. Defined in MS-SFU, section 2.2.2. |
PrincipalName | (PrincipalName) Name of some Kerberos entity. |
S4uUserId | (S4UUserID) Used in PA-S4U-X509-USER, to specify the user certificate. Defined in MS-SFU, section 2.2.2. |
TgsRep | (TGS-REP) Message returned by KDC in response to TGS-REQ. |
TgsReq | (TGS-REQ) Message used to request a TGS. |
Ticket | (Ticket) Represents a Kerberos ticket. |
TransitedEncoding | (TransitedEncoding) Lists the names of the Kerberos realms that took part in the client authentication. Defined in RFC4120, section 5.3. |
TypedDataEntry | Entry of TYPED-DATA. Pseudotype defined in this library for implementation. |
Enums
Error | Error in ASN1-DER parse/build operations |
TagClass | Enum with the different tag classes |
Constants
MAX_MICROSECONDS | |
MIN_MICROSECONDS | |
Traits
Asn1Object | A trait to allow objects to be built/parsed from ASN1-DER |
Functions
padd_netbios_string | Helper to add the correct padding to a NetBIOS Host-Address |
Type Definitions
AdIfRelevant | (AD-IF-RELEVANT) Type of AuthorizationData. Defined in RFC4120, section 5.2.6.1. |
AdMandatoryForKdc | (AD-MANDATORY-FOR-KDC) Type of AuthorizationData. Defined in RFC4120, section 5.2.6.4. |
ApOptions | (ApOptions) Options used in AP-REQ. Defined in RFC4120, section 5.5.1. |
AuthorizationData | (AuthorizationData) Defined in RFC4120, section 5.2.6. |
EtypeInfo | (ETYPE-INFO) Sent in KRB-ERROR to require additional pre-authentication. Defined in RFC4120, section 5.2.7.4. |
EtypeInfo2 | (ETYPE-INFO2) Array of EtypeInfo2Entry that indicates the available encryption algorithms. |
HostAddresses | (HostAddresses) Array of HostAddress |
Int32 | (Int32) Kerberos i32. Defined in RFC4120, section 5.2.4. |
KdcOptions | (KDCOptions) Options used in Kerberos requests. |
KerbKeyListRep | (KERB-KEY-LIST-REP) Contains a list of key types the KDC has supplied to the client to support single sign-on capabilities in legacy protocols. Defined in MS-KILE, section 2.2.12. |
KerbKeyListReq | (KERB-KEY-LIST-REQ) Used to request a list of key types the KDC can supply to the client to support single sign-on capabilities in legacy protocols. Defined in MS-KILE, section 2.2.11. |
KerbLocal | (KERB-LOCAL) Contains implementation-specific data used when the Kerberos client and application server are on the same host. Defined in MS-KILE, 2.2.4. |
KerberosString | (KerberosString) String used in Kerberos. Defined in RFC4120, section 5.2.1. |
LastReq | (LastReq) Record of the time of a request to the KDC. Defined in RFC4120, 5.4.2. |
MethodData | (METHOD-DATA) Sequence of PA-DATA. Defined in RFC4120, section 5.9.1. |
Microseconds | (Microseconds) Kerberos Microseconds. Defined in RFC4120, section 5.2.4. |
PaEncTimestamp | (PA-ENC-TIMESTAMP) Encrypted PA-ENC-TS-ENC. Defined in RFC4120, section 5.2.7.2. |
PaSupportedEnctypes | (PA-SUPPORTED-ENCTYPES) Specifies the encryption types supported. Defined in MS-KILE, section 2.2.8. |
Realm | (Realm) Kerberos realm. |
Result | Result that encapsulates the Error type of this library |
TicketFlags | (TicketFlags) Flags for tickets. |
TypedData | (TYPED-DATA) To add information to errors in KRB-ERROR. Defined in RFC4120, section 5.9.1. |
UInt32 | (UInt32) Kerberos u32. Defined in RFC4120, section 5.2.4. |