vendor/gopkg.in/jcmturner/gokrb5.v7/kadmin/passwd.go - voltha-go - Gitiles

 // Package kadmin provides Kerberos administration capabilities.
 package kadmin

 import (
 	"gopkg.in/jcmturner/gokrb5.v7/crypto"
 	"gopkg.in/jcmturner/gokrb5.v7/krberror"
 	"gopkg.in/jcmturner/gokrb5.v7/messages"
 	"gopkg.in/jcmturner/gokrb5.v7/types"
 )

 // ChangePasswdMsg generate a change password request and also return the key needed to decrypt the reply.
 func ChangePasswdMsg(cname types.PrincipalName, realm, password string, tkt messages.Ticket, sessionKey types.EncryptionKey) (r Request, k types.EncryptionKey, err error) {
 	// Create change password data struct and marshal to bytes
 	chgpasswd := ChangePasswdData{
 		NewPasswd: []byte(password),
 		TargName:  cname,
 		TargRealm: realm,
 	}
 	chpwdb, err := chgpasswd.Marshal()
 	if err != nil {
 		err = krberror.Errorf(err, krberror.KRBMsgError, "error marshaling change passwd data")
 		return
 	}

 	// Generate authenticator
 	auth, err := types.NewAuthenticator(realm, cname)
 	if err != nil {
 		err = krberror.Errorf(err, krberror.KRBMsgError, "error generating new authenticator")
 		return
 	}
 	etype, err := crypto.GetEtype(sessionKey.KeyType)
 	if err != nil {
 		err = krberror.Errorf(err, krberror.KRBMsgError, "error generating subkey etype")
 		return
 	}
 	err = auth.GenerateSeqNumberAndSubKey(etype.GetETypeID(), etype.GetKeyByteSize())
 	if err != nil {
 		err = krberror.Errorf(err, krberror.KRBMsgError, "error generating subkey")
 		return
 	}
 	k = auth.SubKey

 	// Generate AP_REQ
 	APreq, err := messages.NewAPReq(tkt, sessionKey, auth)
 	if err != nil {
 		return
 	}

 	// Form the KRBPriv encpart data
 	kp := messages.EncKrbPrivPart{
 		UserData:       chpwdb,
 		Timestamp:      auth.CTime,
 		Usec:           auth.Cusec,
 		SequenceNumber: auth.SeqNumber,
 	}
 	kpriv := messages.NewKRBPriv(kp)
 	err = kpriv.EncryptEncPart(k)
 	if err != nil {
 		err = krberror.Errorf(err, krberror.EncryptingError, "error encrypting change passwd data")
 		return
 	}

 	r = Request{
 		APREQ:   APreq,
 		KRBPriv: kpriv,
 	}
 	return
 }
	// Package kadmin provides Kerberos administration capabilities.
	package kadmin

	import (
	"gopkg.in/jcmturner/gokrb5.v7/crypto"
	"gopkg.in/jcmturner/gokrb5.v7/krberror"
	"gopkg.in/jcmturner/gokrb5.v7/messages"
	"gopkg.in/jcmturner/gokrb5.v7/types"
	)

	// ChangePasswdMsg generate a change password request and also return the key needed to decrypt the reply.
	func ChangePasswdMsg(cname types.PrincipalName, realm, password string, tkt messages.Ticket, sessionKey types.EncryptionKey) (r Request, k types.EncryptionKey, err error) {
	// Create change password data struct and marshal to bytes
	chgpasswd := ChangePasswdData{
	NewPasswd: []byte(password),
	TargName: cname,
	TargRealm: realm,
	}
	chpwdb, err := chgpasswd.Marshal()
	if err != nil {
	err = krberror.Errorf(err, krberror.KRBMsgError, "error marshaling change passwd data")
	return
	}

	// Generate authenticator
	auth, err := types.NewAuthenticator(realm, cname)
	if err != nil {
	err = krberror.Errorf(err, krberror.KRBMsgError, "error generating new authenticator")
	return
	}
	etype, err := crypto.GetEtype(sessionKey.KeyType)
	if err != nil {
	err = krberror.Errorf(err, krberror.KRBMsgError, "error generating subkey etype")
	return
	}
	err = auth.GenerateSeqNumberAndSubKey(etype.GetETypeID(), etype.GetKeyByteSize())
	if err != nil {
	err = krberror.Errorf(err, krberror.KRBMsgError, "error generating subkey")
	return
	}
	k = auth.SubKey

	// Generate AP_REQ
	APreq, err := messages.NewAPReq(tkt, sessionKey, auth)
	if err != nil {
	return
	}

	// Form the KRBPriv encpart data
	kp := messages.EncKrbPrivPart{
	UserData: chpwdb,
	Timestamp: auth.CTime,
	Usec: auth.Cusec,
	SequenceNumber: auth.SeqNumber,
	}
	kpriv := messages.NewKRBPriv(kp)
	err = kpriv.EncryptEncPart(k)
	if err != nil {
	err = krberror.Errorf(err, krberror.EncryptingError, "error encrypting change passwd data")
	return
	}

	r = Request{
	APREQ: APreq,
	KRBPriv: kpriv,
	}
	return
	}