Home Explore Help
Register Sign In
baishaojie
/
database_sync
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: f6861f0127
Branches Tags
database_sync
/
vendor
/
github.com
/
jcmturner
/
gokrb5
/
v8
/
pac
/
credentials_info.go

credentials_info.go 2.5 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586 
  1. package pac
    2. 

  2. 

  3. import (
    4. 

  4. 	"bytes"
    5. 

  5. 	"errors"
    6. 

  6. 	"fmt"
    7. 

  7. 

  8. 	"github.com/jcmturner/gokrb5/v8/crypto"
    9. 

  9. 	"github.com/jcmturner/gokrb5/v8/iana/keyusage"
    10. 

  10. 	"github.com/jcmturner/gokrb5/v8/types"
    11. 

  11. 	"github.com/jcmturner/rpc/v2/mstypes"
    12. 

  12. 	"github.com/jcmturner/rpc/v2/ndr"
    13. 

  13. )
    14. 

  14. 

  15. // https://msdn.microsoft.com/en-us/library/cc237931.aspx
    16. 

  16. 

  17. // CredentialsInfo implements https://msdn.microsoft.com/en-us/library/cc237953.aspx
    18. 

  18. type CredentialsInfo struct {
    19. 

  19. 	Version                    uint32 // A 32-bit unsigned integer in little-endian format that defines the version. MUST be 0x00000000.
    20. 

  20. 	EType                      uint32
    21. 

  21. 	PACCredentialDataEncrypted []byte // Key usage number for encryption: KERB_NON_KERB_SALT (16)
    22. 

  22. 	PACCredentialData          CredentialData
    23. 

  23. }
    24. 

  24. 

  25. // Unmarshal bytes into the CredentialsInfo struct
    26. 

  26. func (c *CredentialsInfo) Unmarshal(b []byte, k types.EncryptionKey) (err error) {
    27. 

  27. 	//The CredentialsInfo structure is a simple structure that is not NDR-encoded.
    28. 

  28. 	r := mstypes.NewReader(bytes.NewReader(b))
    29. 

  29. 

  30. 	c.Version, err = r.Uint32()
    31. 

  31. 	if err != nil {
    32. 

  32. 		return
    33. 

  33. 	}
    34. 

  34. 	if c.Version != 0 {
    35. 

  35. 		err = errors.New("credentials info version is not zero")
    36. 

  36. 		return
    37. 

  37. 	}
    38. 

  38. 	c.EType, err = r.Uint32()
    39. 

  39. 	if err != nil {
    40. 

  40. 		return
    41. 

  41. 	}
    42. 

  42. 	c.PACCredentialDataEncrypted, err = r.ReadBytes(len(b) - 8)
    43. 

  43. 	if err != nil {
    44. 

  44. 		err = fmt.Errorf("error reading PAC Credetials Data: %v", err)
    45. 

  45. 		return
    46. 

  46. 	}
    47. 

  47. 

  48. 	err = c.DecryptEncPart(k)
    49. 

  49. 	if err != nil {
    50. 

  50. 		err = fmt.Errorf("error decrypting PAC Credentials Data: %v", err)
    51. 

  51. 		return
    52. 

  52. 	}
    53. 

  53. 	return
    54. 

  54. }
    55. 

  55. 

  56. // DecryptEncPart decrypts the encrypted part of the CredentialsInfo.
    57. 

  57. func (c *CredentialsInfo) DecryptEncPart(k types.EncryptionKey) error {
    58. 

  58. 	if k.KeyType != int32(c.EType) {
    59. 

  59. 		return fmt.Errorf("key provided is not the correct type. Type needed: %d, type provided: %d", c.EType, k.KeyType)
    60. 

  60. 	}
    61. 

  61. 	pt, err := crypto.DecryptMessage(c.PACCredentialDataEncrypted, k, keyusage.KERB_NON_KERB_SALT)
    62. 

  62. 	if err != nil {
    63. 

  63. 		return err
    64. 

  64. 	}
    65. 

  65. 	err = c.PACCredentialData.Unmarshal(pt)
    66. 

  66. 	if err != nil {
    67. 

  67. 		return err
    68. 

  68. 	}
    69. 

  69. 	return nil
    70. 

  70. }
    71. 

  71. 

  72. // CredentialData implements https://msdn.microsoft.com/en-us/library/cc237952.aspx
    73. 

  73. type CredentialData struct {
    74. 

  74. 	CredentialCount uint32
    75. 

  75. 	Credentials     []SECPKGSupplementalCred // Size is the value of CredentialCount
    76. 

  76. }
    77. 

  77. 

  78. // Unmarshal converts the bytes provided into a CredentialData type.
    79. 

  79. func (c *CredentialData) Unmarshal(b []byte) (err error) {
    80. 

  80. 	dec := ndr.NewDecoder(bytes.NewReader(b))
    81. 

  81. 	err = dec.Decode(c)
    82. 

  82. 	if err != nil {
    83. 

  83. 		err = fmt.Errorf("error unmarshaling KerbValidationInfo: %v", err)
    84. 

  84. 	}
    85. 

  85. 	return
    86. 

  86. }
    87.