File: PrincipalName.go

golang-gopkg-jcmturner-gokrb5.v5 5.3.0%2Bdfsg-2
package types

import (
	"strings"

	"gopkg.in/jcmturner/gokrb5.v5/iana/nametype"
)

// Reference: https://www.ietf.org/rfc/rfc4120.txt
// Section: 5.2.2

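// PrincipalName implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.2
//
// NameType carries the name-type value and NameString holds the name
// components in order; both are tagged for ASN.1 encoding.
type PrincipalName struct {
	NameType   int32    `asn1:"explicit,tag:0"`
	NameString []string `asn1:"generalstring,explicit,tag:1"`
}

// NewPrincipalName creates a new PrincipalName from the name type int32 and name string provided.
//
// The name string is split on every "/" to form the components. No escape
// handling is performed, and an empty spn yields a single empty component.
func NewPrincipalName(ntype int32, spn string) PrincipalName {
	return PrincipalName{
		NameType:   ntype,
		NameString: strings.Split(spn, "/"),
	}
}

// GetSalt returns a salt derived from the PrincipalName.
//
// The result is the realm followed by each name component in order, with no
// separator between any of the parts.
func (pn *PrincipalName) GetSalt(realm string) string {
	return realm + strings.Join(pn.NameString, "")
}

// Equal tests if the PrincipalName is equal to the one provided.
//
// Two names are equal only when they have the same number of components and
// every component matches exactly. The length check matters for callers that
// use this comparison to decide whether a ticket or request belongs to a given
// principal: without it a name would compare equal to any longer name sharing
// its leading components, and comparing against a shorter name would index
// past the end of its component slice and panic.
func (pn *PrincipalName) Equal(n PrincipalName) bool {
	//https://tools.ietf.org/html/rfc4120#section-6.2 - the name type is not significant when checking for equivalence
	if len(pn.NameString) != len(n.NameString) {
		return false
	}
	for i, s := range pn.NameString {
		if n.NameString[i] != s {
			return false
		}
	}
	return true
}

// GetPrincipalNameString returns the PrincipalName in string form.
//
// The components are joined with "/", the inverse of the split performed by
// NewPrincipalName.
func (pn *PrincipalName) GetPrincipalNameString() string {
	return strings.Join(pn.NameString, "/")
}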

// ParseSPNString parses a string of the form <service>/<name>@<realm>.
//
// It returns a PrincipalName whose name type is KRB_NT_PRINCIPAL(1) together
// with the realm. The realm is everything after the last "@" in the input; when
// the input contains no "@" the returned realm is "". The split is on the
// literal characters only: no escape sequences are interpreted.
func ParseSPNString(spn string) (pn PrincipalName, realm string) {
	// Cut at the final "@" so that any earlier "@" stays in the name part.
	if at := strings.LastIndex(spn, "@"); at >= 0 {
		realm = spn[at+1:]
		spn = spn[:at]
	}
	pn = NewPrincipalName(nametype.KRB_NT_PRINCIPAL, spn)
	return pn, realm
}