Главная Обзор Помощь
Регистрация Вход
publics
/
gokrb5.v7
0
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Дерево: 6bb6f3f81c
Ветки Метки
gokrb5.v7
/
types
/
KerberosFlags.go

KerberosFlags.go 4.1 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124 
  1. package types
    2. 

  2. 

  3. // Reference: https://www.ietf.org/rfc/rfc4120.txt
    4. 

  4. // Section: 5.2.8
    5. 

  5. 

  6. import (
    7. 

  7. 	"github.com/jcmturner/asn1"
    8. 

  8. )
    9. 

  9. 

  10. /*
    11. 

  11. KerberosFlags
    12. 

  12. 

  13. For several message types, a specific constrained bit string type,
    14. 

  14. KerberosFlags, is used.
    15. 

  15. 

  16. KerberosFlags   ::= BIT STRING (SIZE (32..MAX))
    17. 

  17. -- minimum number of bits shall be sent,
    18. 

  18. -- but no fewer than 32
    19. 

  19. 

  20. Compatibility note: The following paragraphs describe a change from
    21. 

  21. the RFC 1510 description of bit strings that would result in
    22. 

  22. incompatility in the case of an implementation that strictly
    23. 

  23. conformed to ASN.1 DER and RFC 1510.
    24. 

  24. 

  25. ASN.1 bit strings have multiple uses.  The simplest use of a bit
    26. 

  26. string is to contain a vector of bits, with no particular meaning
    27. 

  27. attached to individual bits.  This vector of bits is not necessarily
    28. 

  28. a multiple of eight bits long.  The use in Kerberos of a bit string
    29. 

  29. as a compact boolean vector wherein each element has a distinct
    30. 

  30. meaning poses some problems.  The natural notation for a compact
    31. 

  31. boolean vector is the ASN.1 "NamedBit" notation, and the DER require
    32. 

  32. that encodings of a bit string using "NamedBit" notation exclude any
    33. 

  33. trailing zero bits.  This truncation is easy to neglect, especially
    34. 

  34. given C language implementations that naturally choose to store
    35. 

  35. boolean vectors as 32-bit integers.
    36. 

  36. 

  37. For example, if the notation for KDCOptions were to include the
    38. 

  38. "NamedBit" notation, as in RFC 1510, and a KDCOptions value to be
    39. 

  39. encoded had only the "forwardable" (bit number one) bit set, the DER
    40. 

  40. encoding MUST include only two bits: the first reserved bit
    41. 

  41. ("reserved", bit number zero, value zero) and the one-valued bit (bit
    42. 

  42. number one) for "forwardable".
    43. 

  43. 

  44. Most existing implementations of Kerberos unconditionally send 32
    45. 

  45. bits on the wire when encoding bit strings used as boolean vectors.
    46. 

  46. This behavior violates the ASN.1 syntax used for flag values in RFC
    47. 

  47. 1510, but it occurs on such a widely installed base that the protocol
    48. 

  48. description is being modified to accommodate it.
    49. 

  49. 

  50. Consequently, this document removes the "NamedBit" notations for
    51. 

  51. individual bits, relegating them to comments.  The size constraint on
    52. 

  52. the KerberosFlags type requires that at least 32 bits be encoded at
    53. 

  53. all times, though a lenient implementation MAY choose to accept fewer
    54. 

  54. than 32 bits and to treat the missing bits as set to zero.
    55. 

  55. 

  56. Currently, no uses of KerberosFlags specify more than 32 bits' worth
    57. 

  57. of flags, although future revisions of this document may do so.  When
    58. 

  58. more than 32 bits are to be transmitted in a KerberosFlags value,
    59. 

  59. future revisions to this document will likely specify that the
    60. 

  60. smallest number of bits needed to encode the highest-numbered one-
    61. 

  61. valued bit should be sent.  This is somewhat similar to the DER
    62. 

  62. encoding of a bit string that is declared with the "NamedBit"
    63. 

  63. notation.
    64. 

  64. */
    65. 

  65. 

  66. // NewKrbFlags returns an ASN1 BitString struct of the right size for KrbFlags.
    67. 

  67. func NewKrbFlags() asn1.BitString {
    68. 

  68. 	f := asn1.BitString{}
    69. 

  69. 	f.Bytes = make([]byte, 4)
    70. 

  70. 	f.BitLength = len(f.Bytes) * 8
    71. 

  71. 	return f
    72. 

  72. }
    73. 

  73. 

  74. // SetFlags sets the flags of an ASN1 BitString.
    75. 

  75. func SetFlags(f *asn1.BitString, j []int) {
    76. 

  76. 	for _, i := range j {
    77. 

  77. 		SetFlag(f, i)
    78. 

  78. 	}
    79. 

  79. }
    80. 

  80. 

  81. // SetFlag sets a flag in an ASN1 BitString.
    82. 

  82. func SetFlag(f *asn1.BitString, i int) {
    83. 

  83. 	for l := len(f.Bytes); l < 4; l++ {
    84. 

  84. 		(*f).Bytes = append((*f).Bytes, byte(0))
    85. 

  85. 		(*f).BitLength = len((*f).Bytes) * 8
    86. 

  86. 	}
    87. 

  87. 	//Which byte?
    88. 

  88. 	b := int(i / 8)
    89. 

  89. 	//Which bit in byte
    90. 

  90. 	p := uint(7 - (i - 8*b))
    91. 

  91. 	(*f).Bytes[b] = (*f).Bytes[b] | (1 << p)
    92. 

  92. }
    93. 

  93. 

  94. // UnsetFlags unsets flags in an ASN1 BitString.
    95. 

  95. func UnsetFlags(f *asn1.BitString, j []int) {
    96. 

  96. 	for _, i := range j {
    97. 

  97. 		UnsetFlag(f, i)
    98. 

  98. 	}
    99. 

  99. }
    100. 

  100. 

  101. // UnsetFlag unsets a flag in an ASN1 BitString.
    102. 

  102. func UnsetFlag(f *asn1.BitString, i int) {
    103. 

  103. 	for l := len(f.Bytes); l < 4; l++ {
    104. 

  104. 		(*f).Bytes = append((*f).Bytes, byte(0))
    105. 

  105. 		(*f).BitLength = len((*f).Bytes) * 8
    106. 

  106. 	}
    107. 

  107. 	//Which byte?
    108. 

  108. 	b := int(i / 8)
    109. 

  109. 	//Which bit in byte
    110. 

  110. 	p := uint(7 - (i - 8*b))
    111. 

  111. 	(*f).Bytes[b] = (*f).Bytes[b] &^ (1 << p)
    112. 

  112. }
    113. 

  113. 

  114. // IsFlagSet tests if a flag is set in the ASN1 BitString.
    115. 

  115. func IsFlagSet(f *asn1.BitString, i int) bool {
    116. 

  116. 	//Which byte?
    117. 

  117. 	b := int(i / 8)
    118. 

  118. 	//Which bit in byte
    119. 

  119. 	p := uint(7 - (i - 8*b))
    120. 

  120. 	if (*f).Bytes[b]&(1<<p) != 0 {
    121. 

  121. 		return true
    122. 

  122. 	}
    123. 

  123. 	return false
    124. 

  124. }
    125.