VOL-2112 move to voltha-lib-go
Change-Id: Ic1af08003c1d2c698c0cce371e64f47b47b8d875
diff --git a/vendor/gopkg.in/jcmturner/gokrb5.v7/kadmin/passwd.go b/vendor/gopkg.in/jcmturner/gokrb5.v7/kadmin/passwd.go
new file mode 100644
index 0000000..2a7491a
--- /dev/null
+++ b/vendor/gopkg.in/jcmturner/gokrb5.v7/kadmin/passwd.go
@@ -0,0 +1,68 @@
+// Package kadmin provides Kerberos administration capabilities.
+package kadmin
+
+import (
+ "gopkg.in/jcmturner/gokrb5.v7/crypto"
+ "gopkg.in/jcmturner/gokrb5.v7/krberror"
+ "gopkg.in/jcmturner/gokrb5.v7/messages"
+ "gopkg.in/jcmturner/gokrb5.v7/types"
+)
+
+// ChangePasswdMsg generate a change password request and also return the key needed to decrypt the reply.
+func ChangePasswdMsg(cname types.PrincipalName, realm, password string, tkt messages.Ticket, sessionKey types.EncryptionKey) (r Request, k types.EncryptionKey, err error) {
+ // Create change password data struct and marshal to bytes
+ chgpasswd := ChangePasswdData{
+ NewPasswd: []byte(password),
+ TargName: cname,
+ TargRealm: realm,
+ }
+ chpwdb, err := chgpasswd.Marshal()
+ if err != nil {
+ err = krberror.Errorf(err, krberror.KRBMsgError, "error marshaling change passwd data")
+ return
+ }
+
+ // Generate authenticator
+ auth, err := types.NewAuthenticator(realm, cname)
+ if err != nil {
+ err = krberror.Errorf(err, krberror.KRBMsgError, "error generating new authenticator")
+ return
+ }
+ etype, err := crypto.GetEtype(sessionKey.KeyType)
+ if err != nil {
+ err = krberror.Errorf(err, krberror.KRBMsgError, "error generating subkey etype")
+ return
+ }
+ err = auth.GenerateSeqNumberAndSubKey(etype.GetETypeID(), etype.GetKeyByteSize())
+ if err != nil {
+ err = krberror.Errorf(err, krberror.KRBMsgError, "error generating subkey")
+ return
+ }
+ k = auth.SubKey
+
+ // Generate AP_REQ
+ APreq, err := messages.NewAPReq(tkt, sessionKey, auth)
+ if err != nil {
+ return
+ }
+
+ // Form the KRBPriv encpart data
+ kp := messages.EncKrbPrivPart{
+ UserData: chpwdb,
+ Timestamp: auth.CTime,
+ Usec: auth.Cusec,
+ SequenceNumber: auth.SeqNumber,
+ }
+ kpriv := messages.NewKRBPriv(kp)
+ err = kpriv.EncryptEncPart(k)
+ if err != nil {
+ err = krberror.Errorf(err, krberror.EncryptingError, "error encrypting change passwd data")
+ return
+ }
+
+ r = Request{
+ APREQ: APreq,
+ KRBPriv: kpriv,
+ }
+ return
+}