package pac
Import Path
github.com/jcmturner/gokrb5/v8/pac (on go.dev)
Dependency Relation
imports 11 packages, and imported by one package
Involved Source Files
client_claims.go
client_info.go
credentials_info.go
device_claims.go
device_info.go
Package pac implements Microsoft Privilege Attribute Certificate (PAC) processing.
pac_type.go
s4u_delegation_info.go
signature_data.go
supplemental_cred.go
upn_dns_info.go
Package-Level Type Names (total 14)
ClientClaimsInfo implements https://msdn.microsoft.com/en-us/library/hh536365.aspx
ClaimsSet mstypes.ClaimsSet
ClaimsSetMetadata mstypes.ClaimsSetMetadata
Unmarshal bytes into the ClientClaimsInfo struct
ClientInfo implements https://msdn.microsoft.com/en-us/library/cc237951.aspx
// A FILETIME structure in little-endian format that contains the Kerberos initial ticket-granting ticket TGT authentication time
// An array of 16-bit Unicode characters in little-endian format that contains the client's account name.
// An unsigned 16-bit integer in little-endian format that specifies the length, in bytes, of the Name field.
Unmarshal bytes into the ClientInfo struct
CredentialData implements https://msdn.microsoft.com/en-us/library/cc237952.aspx
CredentialCount uint32
// Size is the value of CredentialCount
Unmarshal converts the bytes provided into a CredentialData type.
CredentialsInfo implements https://msdn.microsoft.com/en-us/library/cc237953.aspx
EType uint32
PACCredentialData CredentialData
// Key usage number for encryption: KERB_NON_KERB_SALT (16)
// A 32-bit unsigned integer in little-endian format that defines the version. MUST be 0x00000000.
DecryptEncPart decrypts the encrypted part of the CredentialsInfo.
Unmarshal bytes into the CredentialsInfo struct
DeviceClaimsInfo implements https://msdn.microsoft.com/en-us/library/hh554226.aspx
ClaimsSet mstypes.ClaimsSet
ClaimsSetMetadata mstypes.ClaimsSetMetadata
Unmarshal bytes into the ClientClaimsInfo struct
DeviceInfo implements https://msdn.microsoft.com/en-us/library/hh536402.aspx
// A SID structure that contains the SID for the domain of the account.This member is used in conjunction with the UserId, and GroupIds members to create the user and group SIDs for the client.
// A 32-bit unsigned integer that contains the number of groups within the account domain to which the account belongs
// A pointer to a list of GROUP_MEMBERSHIP (section 2.2.2) structures that contains the groups to which the account belongs in the account domain. The number of groups in this list MUST be equal to GroupCount.
// A pointer to a list of DOMAIN_GROUP_MEMBERSHIP structures (section 2.2.3) that contains the domains to which the account belongs to a group. The number of sets in this list MUST be equal to DomainCount.
// A 32-bit unsigned integer that contains the number of domains with groups to which the account belongs.
// A pointer to a list of KERB_SID_AND_ATTRIBUTES structures that contain a list of SIDs corresponding to groups not in domains. If the UserId member equals 0x00000000, the first group SID in this member is the SID for this account.
// A 32-bit unsigned integer that contains the RID for the primary group to which this account belongs.
// A 32-bit unsigned integer that contains the total number of SIDs present in the ExtraSids member.
// A 32-bit unsigned integer that contains the RID of the account. If the UserId member equals 0x00000000, the first group SID in this member is the SID for this account.
Unmarshal bytes into the DeviceInfo struct
InfoBuffer implements the PAC Info Buffer: https://msdn.microsoft.com/en-us/library/cc237954.aspx
// A 32-bit unsigned integer in little-endian format that contains the size, in bytes, of the buffer in the PAC located at Offset.
// A 64-bit unsigned integer in little-endian format that contains the offset to the beginning of the buffer, in bytes, from the beginning of the PACTYPE structure. The data offset MUST be a multiple of eight. The following sections specify the format of each type of element.
// A 32-bit unsigned integer in little-endian format that describes the type of data present in the buffer contained at Offset.
KerbValidationInfo implement https://msdn.microsoft.com/en-us/library/cc237948.aspx
BadPasswordCount uint16
EffectiveName mstypes.RPCUnicodeString
ExtraSIDs []mstypes.KerbSidAndAttributes
FailedILogonCount uint32
FullName mstypes.RPCUnicodeString
GroupCount uint32
GroupIDs []mstypes.GroupMembership
HomeDirectory mstypes.RPCUnicodeString
HomeDirectoryDrive mstypes.RPCUnicodeString
KickOffTime mstypes.FileTime
LastFailedILogon mstypes.FileTime
LastSuccessfulILogon mstypes.FileTime
LogOffTime mstypes.FileTime
LogOnTime mstypes.FileTime
LogonCount uint16
LogonDomainID mstypes.RPCSID
LogonDomainName mstypes.RPCUnicodeString
LogonScript mstypes.RPCUnicodeString
LogonServer mstypes.RPCUnicodeString
PasswordCanChange mstypes.FileTime
PasswordLastSet mstypes.FileTime
PasswordMustChange mstypes.FileTime
PrimaryGroupID uint32
ProfilePath mstypes.RPCUnicodeString
// Has 2 elements
Reserved3 uint32
ResourceGroupCount uint32
ResourceGroupDomainSID mstypes.RPCSID
ResourceGroupIDs []mstypes.GroupMembership
SIDCount uint32
SubAuthStatus uint32
UserAccountControl uint32
UserFlags uint32
UserID uint32
UserSessionKey mstypes.UserSessionKey
GetGroupMembershipSIDs returns a slice of strings containing the group membership SIDs found in the PAC.
Unmarshal bytes into the DeviceInfo struct
NTLMSupplementalCred implements https://msdn.microsoft.com/en-us/library/cc237949.aspx
Flags uint32
// A 16-element array of unsigned 8-bit integers that define the LM OWF. The LMPassword member MUST be ignored if the L flag is not set in the Flags member.
// A 16-element array of unsigned 8-bit integers that define the NT OWF. The NTPassword member MUST be ignored if the N flag is not set in the Flags member.
// A 32-bit unsigned integer that defines the credential version.This field MUST be 0x00000000.
Unmarshal converts the bytes provided into a NTLMSupplementalCred.
PACType implements: https://msdn.microsoft.com/en-us/library/cc237950.aspx
Buffers []InfoBuffer
CBuffers uint32
ClientClaimsInfo *ClientClaimsInfo
ClientInfo *ClientInfo
CredentialsInfo *CredentialsInfo
Data []byte
DeviceClaimsInfo *DeviceClaimsInfo
DeviceInfo *DeviceInfo
KDCChecksum *SignatureData
KerbValidationInfo *KerbValidationInfo
S4UDelegationInfo *S4UDelegationInfo
ServerChecksum *SignatureData
UPNDNSInfo *UPNDNSInfo
Version uint32
ZeroSigData []byte
ProcessPACInfoBuffers processes the PAC Info Buffers.
https://msdn.microsoft.com/en-us/library/cc237954.aspx
Unmarshal bytes into the PACType struct
func github.com/jcmturner/gokrb5/v8/messages.(*Ticket).GetPACType(keytab *keytab.Keytab, sname *types.PrincipalName, l *log.Logger) (bool, PACType, error)
S4UDelegationInfo implements https://msdn.microsoft.com/en-us/library/cc237944.aspx
// The name of the principal to whom the application can forward the ticket.
// List of all services that have been delegated through by this client and subsequent services or servers.. Size is value of TransitedListSize
TransitedListSize uint32
Unmarshal bytes into the S4UDelegationInfo struct
SECPKGSupplementalCred implements https://msdn.microsoft.com/en-us/library/cc237956.aspx
CredentialSize uint32
// Is a ptr. Size is the value of CredentialSize
PackageName mstypes.RPCUnicodeString
Unmarshal converts the bytes provided into a SECPKGSupplementalCred.
SignatureData implements https://msdn.microsoft.com/en-us/library/cc237955.aspx
// A 16-bit unsigned integer value in little-endian format that contains the first 16 bits of the key version number ([MS-KILE] section 3.1.5.8) when the KDC is an RODC. When the KDC is not an RODC, this field does not exist.
// Size depends on the type. See comment above.
// A 32-bit unsigned integer value in little-endian format that defines the cryptographic system used to calculate the checksum. This MUST be one of the following checksum types: KERB_CHECKSUM_HMAC_MD5 (signature size = 16), HMAC_SHA1_96_AES128 (signature size = 12), HMAC_SHA1_96_AES256 (signature size = 12).
Unmarshal bytes into the SignatureData struct
UPNDNSInfo implements https://msdn.microsoft.com/en-us/library/dd240468.aspx
DNSDomain string
DNSDomainNameLength uint16
DNSDomainNameOffset uint16
Flags uint32
UPN string
// An unsigned 16-bit integer in little-endian format that specifies the length, in bytes, of the UPN field.
// An unsigned 16-bit integer in little-endian format that contains the offset to the beginning of the buffer, in bytes, from the beginning of the UPN_DNS_INFO structure.
Unmarshal bytes into the UPN_DNSInfo struct
Package-Level Constants (total 14)
NTLMSupCredLMOWF indicates that the LM OWF member is present and valid.
NTLMSupCredNTOWF indicates that the NT OWF member is present and valid.
KERB_VALIDATION_INFO flags.
KERB_VALIDATION_INFO flags.
KERB_VALIDATION_INFO flags.
KERB_VALIDATION_INFO flags.
KERB_VALIDATION_INFO flags.
KERB_VALIDATION_INFO flags.
KERB_VALIDATION_INFO flags.
KERB_VALIDATION_INFO flags.
KERB_VALIDATION_INFO flags.
KERB_VALIDATION_INFO flags.
KERB_VALIDATION_INFO flags.
KERB_VALIDATION_INFO flags.
 |
The pages are generated with Golds v0.6.7. (GOOS=linux GOARCH=amd64) Golds is a Go 101 project developed by Tapir Liu. PR and bug reports are welcome and can be submitted to the issue list. Please follow @Go100and1 (reachable from the left QR code) to get the latest news of Golds. |