gRPC migration update
Change-Id: Icdd1a824948fa994cd36bd121c962f5ecf74e3cf
diff --git a/vendor/github.com/jcmturner/gokrb5/v8/types/Authenticator.go b/vendor/github.com/jcmturner/gokrb5/v8/types/Authenticator.go
new file mode 100644
index 0000000..1fdba78
--- /dev/null
+++ b/vendor/github.com/jcmturner/gokrb5/v8/types/Authenticator.go
@@ -0,0 +1,81 @@
+// Package types provides Kerberos 5 data types.
+package types
+
+import (
+ "crypto/rand"
+ "fmt"
+ "math"
+ "math/big"
+ "time"
+
+ "github.com/jcmturner/gofork/encoding/asn1"
+ "github.com/jcmturner/gokrb5/v8/asn1tools"
+ "github.com/jcmturner/gokrb5/v8/iana"
+ "github.com/jcmturner/gokrb5/v8/iana/asnAppTag"
+)
+
+// Authenticator - A record containing information that can be shown to have been recently generated using the session
+// key known only by the client and server.
+// https://tools.ietf.org/html/rfc4120#section-5.5.1
+type Authenticator struct {
+ AVNO int `asn1:"explicit,tag:0"`
+ CRealm string `asn1:"generalstring,explicit,tag:1"`
+ CName PrincipalName `asn1:"explicit,tag:2"`
+ Cksum Checksum `asn1:"explicit,optional,tag:3"`
+ Cusec int `asn1:"explicit,tag:4"`
+ CTime time.Time `asn1:"generalized,explicit,tag:5"`
+ SubKey EncryptionKey `asn1:"explicit,optional,tag:6"`
+ SeqNumber int64 `asn1:"explicit,optional,tag:7"`
+ AuthorizationData AuthorizationData `asn1:"explicit,optional,tag:8"`
+}
+
+// NewAuthenticator creates a new Authenticator.
+func NewAuthenticator(realm string, cname PrincipalName) (Authenticator, error) {
+ seq, err := rand.Int(rand.Reader, big.NewInt(math.MaxUint32))
+ if err != nil {
+ return Authenticator{}, err
+ }
+ t := time.Now().UTC()
+ return Authenticator{
+ AVNO: iana.PVNO,
+ CRealm: realm,
+ CName: cname,
+ Cksum: Checksum{},
+ Cusec: int((t.UnixNano() / int64(time.Microsecond)) - (t.Unix() * 1e6)),
+ CTime: t,
+ SeqNumber: seq.Int64(),
+ }, nil
+}
+
+// GenerateSeqNumberAndSubKey sets the Authenticator's sequence number and subkey.
+func (a *Authenticator) GenerateSeqNumberAndSubKey(keyType int32, keySize int) error {
+ seq, err := rand.Int(rand.Reader, big.NewInt(math.MaxUint32))
+ if err != nil {
+ return err
+ }
+ a.SeqNumber = seq.Int64()
+ //Generate subkey value
+ sk := make([]byte, keySize, keySize)
+ rand.Read(sk)
+ a.SubKey = EncryptionKey{
+ KeyType: keyType,
+ KeyValue: sk,
+ }
+ return nil
+}
+
+// Unmarshal bytes into the Authenticator.
+func (a *Authenticator) Unmarshal(b []byte) error {
+ _, err := asn1.UnmarshalWithParams(b, a, fmt.Sprintf("application,explicit,tag:%v", asnAppTag.Authenticator))
+ return err
+}
+
+// Marshal the Authenticator.
+func (a *Authenticator) Marshal() ([]byte, error) {
+ b, err := asn1.Marshal(*a)
+ if err != nil {
+ return nil, err
+ }
+ b = asn1tools.AddASNAppTag(b, asnAppTag.Authenticator)
+ return b, nil
+}
diff --git a/vendor/github.com/jcmturner/gokrb5/v8/types/AuthorizationData.go b/vendor/github.com/jcmturner/gokrb5/v8/types/AuthorizationData.go
new file mode 100644
index 0000000..80c477c
--- /dev/null
+++ b/vendor/github.com/jcmturner/gokrb5/v8/types/AuthorizationData.go
@@ -0,0 +1,55 @@
+package types
+
+import (
+ "github.com/jcmturner/gofork/encoding/asn1"
+)
+
+// Reference: https://www.ietf.org/rfc/rfc4120.txt
+// Section: 5.2.6
+
+// AuthorizationData implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.6
+type AuthorizationData []AuthorizationDataEntry
+
+// AuthorizationDataEntry implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.6
+type AuthorizationDataEntry struct {
+ ADType int32 `asn1:"explicit,tag:0"`
+ ADData []byte `asn1:"explicit,tag:1"`
+}
+
+// ADIfRelevant implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.6.1
+type ADIfRelevant AuthorizationData
+
+// ADKDCIssued implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.6.2
+type ADKDCIssued struct {
+ ADChecksum Checksum `asn1:"explicit,tag:0"`
+ IRealm string `asn1:"optional,generalstring,explicit,tag:1"`
+ Isname PrincipalName `asn1:"optional,explicit,tag:2"`
+ Elements AuthorizationData `asn1:"explicit,tag:3"`
+}
+
+// ADAndOr implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.6.3
+type ADAndOr struct {
+ ConditionCount int32 `asn1:"explicit,tag:0"`
+ Elements AuthorizationData `asn1:"explicit,tag:1"`
+}
+
+// ADMandatoryForKDC implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.6.4
+type ADMandatoryForKDC AuthorizationData
+
+// Unmarshal bytes into the ADKDCIssued.
+func (a *ADKDCIssued) Unmarshal(b []byte) error {
+ _, err := asn1.Unmarshal(b, a)
+ return err
+}
+
+// Unmarshal bytes into the AuthorizationData.
+func (a *AuthorizationData) Unmarshal(b []byte) error {
+ _, err := asn1.Unmarshal(b, a)
+ return err
+}
+
+// Unmarshal bytes into the AuthorizationDataEntry.
+func (a *AuthorizationDataEntry) Unmarshal(b []byte) error {
+ _, err := asn1.Unmarshal(b, a)
+ return err
+}
diff --git a/vendor/github.com/jcmturner/gokrb5/v8/types/Cryptosystem.go b/vendor/github.com/jcmturner/gokrb5/v8/types/Cryptosystem.go
new file mode 100644
index 0000000..2f354ea
--- /dev/null
+++ b/vendor/github.com/jcmturner/gokrb5/v8/types/Cryptosystem.go
@@ -0,0 +1,72 @@
+package types
+
+import (
+ "crypto/rand"
+
+ "github.com/jcmturner/gofork/encoding/asn1"
+ "github.com/jcmturner/gokrb5/v8/crypto/etype"
+)
+
+// Reference: https://www.ietf.org/rfc/rfc4120.txt
+// Section: 5.2.9
+
+// EncryptedData implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.9
+type EncryptedData struct {
+ EType int32 `asn1:"explicit,tag:0"`
+ KVNO int `asn1:"explicit,optional,tag:1"`
+ Cipher []byte `asn1:"explicit,tag:2"`
+}
+
+// EncryptionKey implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.9
+// AKA KeyBlock
+type EncryptionKey struct {
+ KeyType int32 `asn1:"explicit,tag:0"`
+ KeyValue []byte `asn1:"explicit,tag:1" json:"-"`
+}
+
+// Checksum implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.9
+type Checksum struct {
+ CksumType int32 `asn1:"explicit,tag:0"`
+ Checksum []byte `asn1:"explicit,tag:1"`
+}
+
+// Unmarshal bytes into the EncryptedData.
+func (a *EncryptedData) Unmarshal(b []byte) error {
+ _, err := asn1.Unmarshal(b, a)
+ return err
+}
+
+// Marshal the EncryptedData.
+func (a *EncryptedData) Marshal() ([]byte, error) {
+ edb, err := asn1.Marshal(*a)
+ if err != nil {
+ return edb, err
+ }
+ return edb, nil
+}
+
+// Unmarshal bytes into the EncryptionKey.
+func (a *EncryptionKey) Unmarshal(b []byte) error {
+ _, err := asn1.Unmarshal(b, a)
+ return err
+}
+
+// Unmarshal bytes into the Checksum.
+func (a *Checksum) Unmarshal(b []byte) error {
+ _, err := asn1.Unmarshal(b, a)
+ return err
+}
+
+// GenerateEncryptionKey creates a new EncryptionKey with a random key value.
+func GenerateEncryptionKey(etype etype.EType) (EncryptionKey, error) {
+ k := EncryptionKey{
+ KeyType: etype.GetETypeID(),
+ }
+ b := make([]byte, etype.GetKeyByteSize(), etype.GetKeyByteSize())
+ _, err := rand.Read(b)
+ if err != nil {
+ return k, err
+ }
+ k.KeyValue = b
+ return k, nil
+}
diff --git a/vendor/github.com/jcmturner/gokrb5/v8/types/HostAddress.go b/vendor/github.com/jcmturner/gokrb5/v8/types/HostAddress.go
new file mode 100644
index 0000000..895fe80
--- /dev/null
+++ b/vendor/github.com/jcmturner/gokrb5/v8/types/HostAddress.go
@@ -0,0 +1,180 @@
+package types
+
+// Reference: https://www.ietf.org/rfc/rfc4120.txt
+// Section: 5.2.5
+
+import (
+ "bytes"
+ "fmt"
+ "net"
+
+ "github.com/jcmturner/gofork/encoding/asn1"
+ "github.com/jcmturner/gokrb5/v8/iana/addrtype"
+)
+
+// HostAddresses implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.5
+type HostAddresses []HostAddress
+
+// HostAddress implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.5
+type HostAddress struct {
+ AddrType int32 `asn1:"explicit,tag:0"`
+ Address []byte `asn1:"explicit,tag:1"`
+}
+
+// GetHostAddress returns a HostAddress struct from a string in the format <hostname>:<port>
+func GetHostAddress(s string) (HostAddress, error) {
+ var h HostAddress
+ cAddr, _, err := net.SplitHostPort(s)
+ if err != nil {
+ return h, fmt.Errorf("invalid format of client address: %v", err)
+ }
+ ip := net.ParseIP(cAddr)
+ var ht int32
+ if ip.To4() != nil {
+ ht = addrtype.IPv4
+ ip = ip.To4()
+ } else if ip.To16() != nil {
+ ht = addrtype.IPv6
+ ip = ip.To16()
+ } else {
+ return h, fmt.Errorf("could not determine client's address types: %v", err)
+ }
+ h = HostAddress{
+ AddrType: ht,
+ Address: ip,
+ }
+ return h, nil
+}
+
+// GetAddress returns a string representation of the HostAddress.
+func (h *HostAddress) GetAddress() (string, error) {
+ var b []byte
+ _, err := asn1.Unmarshal(h.Address, &b)
+ return string(b), err
+}
+
+// LocalHostAddresses returns a HostAddresses struct for the local machines interface IP addresses.
+func LocalHostAddresses() (ha HostAddresses, err error) {
+ ifs, err := net.Interfaces()
+ if err != nil {
+ return
+ }
+ for _, iface := range ifs {
+ if iface.Flags&net.FlagLoopback != 0 || iface.Flags&net.FlagUp == 0 {
+ // Interface is either loopback of not up
+ continue
+ }
+ addrs, err := iface.Addrs()
+ if err != nil {
+ continue
+ }
+ for _, addr := range addrs {
+ var ip net.IP
+ switch v := addr.(type) {
+ case *net.IPNet:
+ ip = v.IP
+ case *net.IPAddr:
+ ip = v.IP
+ }
+ var a HostAddress
+ if ip.To16() == nil {
+ //neither IPv4 or IPv6
+ continue
+ }
+ if ip.To4() != nil {
+ //Is IPv4
+ a.AddrType = addrtype.IPv4
+ a.Address = ip.To4()
+ } else {
+ a.AddrType = addrtype.IPv6
+ a.Address = ip.To16()
+ }
+ ha = append(ha, a)
+ }
+ }
+ return ha, nil
+}
+
+// HostAddressesFromNetIPs returns a HostAddresses type from a slice of net.IP
+func HostAddressesFromNetIPs(ips []net.IP) (ha HostAddresses) {
+ for _, ip := range ips {
+ ha = append(ha, HostAddressFromNetIP(ip))
+ }
+ return ha
+}
+
+// HostAddressFromNetIP returns a HostAddress type from a net.IP
+func HostAddressFromNetIP(ip net.IP) HostAddress {
+ if ip.To4() != nil {
+ //Is IPv4
+ return HostAddress{
+ AddrType: addrtype.IPv4,
+ Address: ip.To4(),
+ }
+ }
+ return HostAddress{
+ AddrType: addrtype.IPv6,
+ Address: ip.To16(),
+ }
+}
+
+// HostAddressesEqual tests if two HostAddress slices are equal.
+func HostAddressesEqual(h, a []HostAddress) bool {
+ if len(h) != len(a) {
+ return false
+ }
+ for _, e := range a {
+ var found bool
+ for _, i := range h {
+ if e.Equal(i) {
+ found = true
+ break
+ }
+ }
+ if !found {
+ return false
+ }
+ }
+ return true
+}
+
+// HostAddressesContains tests if a HostAddress is contained in a HostAddress slice.
+func HostAddressesContains(h []HostAddress, a HostAddress) bool {
+ for _, e := range h {
+ if e.Equal(a) {
+ return true
+ }
+ }
+ return false
+}
+
+// Equal tests if the HostAddress is equal to another HostAddress provided.
+func (h *HostAddress) Equal(a HostAddress) bool {
+ if h.AddrType != a.AddrType {
+ return false
+ }
+ return bytes.Equal(h.Address, a.Address)
+}
+
+// Contains tests if a HostAddress is contained within the HostAddresses struct.
+func (h *HostAddresses) Contains(a HostAddress) bool {
+ for _, e := range *h {
+ if e.Equal(a) {
+ return true
+ }
+ }
+ return false
+}
+
+// Equal tests if a HostAddress slice is equal to the HostAddresses struct.
+func (h *HostAddresses) Equal(a []HostAddress) bool {
+ if len(*h) != len(a) {
+ return false
+ }
+ for _, e := range a {
+ if !h.Contains(e) {
+ return false
+ }
+ }
+ return true
+}
diff --git a/vendor/github.com/jcmturner/gokrb5/v8/types/KerberosFlags.go b/vendor/github.com/jcmturner/gokrb5/v8/types/KerberosFlags.go
new file mode 100644
index 0000000..0f20383
--- /dev/null
+++ b/vendor/github.com/jcmturner/gokrb5/v8/types/KerberosFlags.go
@@ -0,0 +1,68 @@
+package types
+
+// Reference: https://www.ietf.org/rfc/rfc4120.txt
+// Section: 5.2.8
+
+import (
+ "github.com/jcmturner/gofork/encoding/asn1"
+)
+
+// NewKrbFlags returns an ASN1 BitString struct of the right size for KrbFlags.
+func NewKrbFlags() asn1.BitString {
+ f := asn1.BitString{}
+ f.Bytes = make([]byte, 4)
+ f.BitLength = len(f.Bytes) * 8
+ return f
+}
+
+// SetFlags sets the flags of an ASN1 BitString.
+func SetFlags(f *asn1.BitString, j []int) {
+ for _, i := range j {
+ SetFlag(f, i)
+ }
+}
+
+// SetFlag sets a flag in an ASN1 BitString.
+func SetFlag(f *asn1.BitString, i int) {
+ for l := len(f.Bytes); l < 4; l++ {
+ (*f).Bytes = append((*f).Bytes, byte(0))
+ (*f).BitLength = len((*f).Bytes) * 8
+ }
+ //Which byte?
+ b := i / 8
+ //Which bit in byte
+ p := uint(7 - (i - 8*b))
+ (*f).Bytes[b] = (*f).Bytes[b] | (1 << p)
+}
+
+// UnsetFlags unsets flags in an ASN1 BitString.
+func UnsetFlags(f *asn1.BitString, j []int) {
+ for _, i := range j {
+ UnsetFlag(f, i)
+ }
+}
+
+// UnsetFlag unsets a flag in an ASN1 BitString.
+func UnsetFlag(f *asn1.BitString, i int) {
+ for l := len(f.Bytes); l < 4; l++ {
+ (*f).Bytes = append((*f).Bytes, byte(0))
+ (*f).BitLength = len((*f).Bytes) * 8
+ }
+ //Which byte?
+ b := i / 8
+ //Which bit in byte
+ p := uint(7 - (i - 8*b))
+ (*f).Bytes[b] = (*f).Bytes[b] &^ (1 << p)
+}
+
+// IsFlagSet tests if a flag is set in the ASN1 BitString.
+func IsFlagSet(f *asn1.BitString, i int) bool {
+ //Which byte?
+ b := i / 8
+ //Which bit in byte
+ p := uint(7 - (i - 8*b))
+ if (*f).Bytes[b]&(1<<p) != 0 {
+ return true
+ }
+ return false
+}
diff --git a/vendor/github.com/jcmturner/gokrb5/v8/types/PAData.go b/vendor/github.com/jcmturner/gokrb5/v8/types/PAData.go
new file mode 100644
index 0000000..41645ec
--- /dev/null
+++ b/vendor/github.com/jcmturner/gokrb5/v8/types/PAData.go
@@ -0,0 +1,155 @@
+package types
+
+// Reference: https://www.ietf.org/rfc/rfc4120.txt
+// Section: 5.2.7
+import (
+ "fmt"
+ "time"
+
+ "github.com/jcmturner/gofork/encoding/asn1"
+ "github.com/jcmturner/gokrb5/v8/iana/patype"
+)
+
+// PAData implements RFC 4120 types: https://tools.ietf.org/html/rfc4120#section-5.2.7
+type PAData struct {
+ PADataType int32 `asn1:"explicit,tag:1"`
+ PADataValue []byte `asn1:"explicit,tag:2"`
+}
+
+// PADataSequence implements RFC 4120 types: https://tools.ietf.org/html/rfc4120#section-5.2.7
+type PADataSequence []PAData
+
+// MethodData implements RFC 4120 types: https://tools.ietf.org/html/rfc4120#section-5.9.1
+type MethodData []PAData
+
+// PAEncTimestamp implements RFC 4120 types: https://tools.ietf.org/html/rfc4120#section-5.2.7.2
+type PAEncTimestamp EncryptedData
+
+// PAEncTSEnc implements RFC 4120 types: https://tools.ietf.org/html/rfc4120#section-5.2.7.2
+type PAEncTSEnc struct {
+ PATimestamp time.Time `asn1:"generalized,explicit,tag:0"`
+ PAUSec int `asn1:"explicit,optional,tag:1"`
+}
+
+// Contains tests if a PADataSequence contains PA Data of a certain type.
+func (pas *PADataSequence) Contains(patype int32) bool {
+ for _, pa := range *pas {
+ if pa.PADataType == patype {
+ return true
+ }
+ }
+ return false
+}
+
+// GetPAEncTSEncAsnMarshalled returns the bytes of a PAEncTSEnc.
+func GetPAEncTSEncAsnMarshalled() ([]byte, error) {
+ t := time.Now().UTC()
+ p := PAEncTSEnc{
+ PATimestamp: t,
+ PAUSec: int((t.UnixNano() / int64(time.Microsecond)) - (t.Unix() * 1e6)),
+ }
+ b, err := asn1.Marshal(p)
+ if err != nil {
+ return b, fmt.Errorf("error mashaling PAEncTSEnc: %v", err)
+ }
+ return b, nil
+}
+
+// ETypeInfoEntry implements RFC 4120 types: https://tools.ietf.org/html/rfc4120#section-5.2.7.4
+type ETypeInfoEntry struct {
+ EType int32 `asn1:"explicit,tag:0"`
+ Salt []byte `asn1:"explicit,optional,tag:1"`
+}
+
+// ETypeInfo implements RFC 4120 types: https://tools.ietf.org/html/rfc4120#section-5.2.7.4
+type ETypeInfo []ETypeInfoEntry
+
+// ETypeInfo2Entry implements RFC 4120 types: https://tools.ietf.org/html/rfc4120#section-5.2.7.5
+type ETypeInfo2Entry struct {
+ EType int32 `asn1:"explicit,tag:0"`
+ Salt string `asn1:"explicit,optional,generalstring,tag:1"`
+ S2KParams []byte `asn1:"explicit,optional,tag:2"`
+}
+
+// ETypeInfo2 implements RFC 4120 types: https://tools.ietf.org/html/rfc4120#section-5.2.7.5
+type ETypeInfo2 []ETypeInfo2Entry
+
+// PAReqEncPARep PA Data Type
+type PAReqEncPARep struct {
+ ChksumType int32 `asn1:"explicit,tag:0"`
+ Chksum []byte `asn1:"explicit,tag:1"`
+}
+
+// Unmarshal bytes into the PAData
+func (pa *PAData) Unmarshal(b []byte) error {
+ _, err := asn1.Unmarshal(b, pa)
+ return err
+}
+
+// Unmarshal bytes into the PADataSequence
+func (pas *PADataSequence) Unmarshal(b []byte) error {
+ _, err := asn1.Unmarshal(b, pas)
+ return err
+}
+
+// Unmarshal bytes into the PAReqEncPARep
+func (pa *PAReqEncPARep) Unmarshal(b []byte) error {
+ _, err := asn1.Unmarshal(b, pa)
+ return err
+}
+
+// Unmarshal bytes into the PAEncTimestamp
+func (pa *PAEncTimestamp) Unmarshal(b []byte) error {
+ _, err := asn1.Unmarshal(b, pa)
+ return err
+}
+
+// Unmarshal bytes into the PAEncTSEnc
+func (pa *PAEncTSEnc) Unmarshal(b []byte) error {
+ _, err := asn1.Unmarshal(b, pa)
+ return err
+}
+
+// Unmarshal bytes into the ETypeInfo
+func (a *ETypeInfo) Unmarshal(b []byte) error {
+ _, err := asn1.Unmarshal(b, a)
+ return err
+}
+
+// Unmarshal bytes into the ETypeInfoEntry
+func (a *ETypeInfoEntry) Unmarshal(b []byte) error {
+ _, err := asn1.Unmarshal(b, a)
+ return err
+}
+
+// Unmarshal bytes into the ETypeInfo2
+func (a *ETypeInfo2) Unmarshal(b []byte) error {
+ _, err := asn1.Unmarshal(b, a)
+ return err
+}
+
+// Unmarshal bytes into the ETypeInfo2Entry
+func (a *ETypeInfo2Entry) Unmarshal(b []byte) error {
+ _, err := asn1.Unmarshal(b, a)
+ return err
+}
+
+// GetETypeInfo returns an ETypeInfo from the PAData.
+func (pa *PAData) GetETypeInfo() (d ETypeInfo, err error) {
+ if pa.PADataType != patype.PA_ETYPE_INFO {
+ err = fmt.Errorf("PAData does not contain PA EType Info data. TypeID Expected: %v; Actual: %v", patype.PA_ETYPE_INFO, pa.PADataType)
+ return
+ }
+ _, err = asn1.Unmarshal(pa.PADataValue, &d)
+ return
+}
+
+// GetETypeInfo2 returns an ETypeInfo2 from the PAData.
+func (pa *PAData) GetETypeInfo2() (d ETypeInfo2, err error) {
+ if pa.PADataType != patype.PA_ETYPE_INFO2 {
+ err = fmt.Errorf("PAData does not contain PA EType Info 2 data. TypeID Expected: %v; Actual: %v", patype.PA_ETYPE_INFO2, pa.PADataType)
+ return
+ }
+ _, err = asn1.Unmarshal(pa.PADataValue, &d)
+ return
+}
diff --git a/vendor/github.com/jcmturner/gokrb5/v8/types/PrincipalName.go b/vendor/github.com/jcmturner/gokrb5/v8/types/PrincipalName.go
new file mode 100644
index 0000000..d48d2c1
--- /dev/null
+++ b/vendor/github.com/jcmturner/gokrb5/v8/types/PrincipalName.go
@@ -0,0 +1,67 @@
+package types
+
+import (
+ "strings"
+
+ "github.com/jcmturner/gokrb5/v8/iana/nametype"
+)
+
+// Reference: https://www.ietf.org/rfc/rfc4120.txt
+// Section: 5.2.2
+
+// PrincipalName implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.2
+type PrincipalName struct {
+ NameType int32 `asn1:"explicit,tag:0"`
+ NameString []string `asn1:"generalstring,explicit,tag:1"`
+}
+
+// NewPrincipalName creates a new PrincipalName from the name type int32 and name string provided.
+func NewPrincipalName(ntype int32, spn string) PrincipalName {
+ return PrincipalName{
+ NameType: ntype,
+ NameString: strings.Split(spn, "/"),
+ }
+}
+
+// GetSalt returns a salt derived from the PrincipalName.
+func (pn PrincipalName) GetSalt(realm string) string {
+ var sb []byte
+ sb = append(sb, realm...)
+ for _, n := range pn.NameString {
+ sb = append(sb, n...)
+ }
+ return string(sb)
+}
+
+// Equal tests if the PrincipalName is equal to the one provided.
+func (pn PrincipalName) Equal(n PrincipalName) bool {
+ if len(pn.NameString) != len(n.NameString) {
+ return false
+ }
+ //https://tools.ietf.org/html/rfc4120#section-6.2 - the name type is not significant when checking for equivalence
+ for i, s := range pn.NameString {
+ if n.NameString[i] != s {
+ return false
+ }
+ }
+ return true
+}
+
+// PrincipalNameString returns the PrincipalName in string form.
+func (pn PrincipalName) PrincipalNameString() string {
+ return strings.Join(pn.NameString, "/")
+}
+
+// ParseSPNString will parse a string in the format <service>/<name>@<realm>
+// a PrincipalName type will be returned with the name type set to KRB_NT_PRINCIPAL(1)
+// and the realm will be returned as a string. If the "@<realm>" suffix
+// is not included in the SPN then the value of realm string returned will be ""
+func ParseSPNString(spn string) (pn PrincipalName, realm string) {
+ if strings.Contains(spn, "@") {
+ s := strings.Split(spn, "@")
+ realm = s[len(s)-1]
+ spn = strings.TrimSuffix(spn, "@"+realm)
+ }
+ pn = NewPrincipalName(nametype.KRB_NT_PRINCIPAL, spn)
+ return
+}
diff --git a/vendor/github.com/jcmturner/gokrb5/v8/types/TypedData.go b/vendor/github.com/jcmturner/gokrb5/v8/types/TypedData.go
new file mode 100644
index 0000000..19e9f49
--- /dev/null
+++ b/vendor/github.com/jcmturner/gokrb5/v8/types/TypedData.go
@@ -0,0 +1,18 @@
+package types
+
+import "github.com/jcmturner/gofork/encoding/asn1"
+
+// TypedData implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.9.1
+type TypedData struct {
+ DataType int32 `asn1:"explicit,tag:0"`
+ DataValue []byte `asn1:"optional,explicit,tag:1"`
+}
+
+// TypedDataSequence implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.9.1
+type TypedDataSequence []TypedData
+
+// Unmarshal bytes into the TypedDataSequence.
+func (a *TypedDataSequence) Unmarshal(b []byte) error {
+ _, err := asn1.Unmarshal(b, a)
+ return err
+}