mstypes

package
v5.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 31, 2018 License: Apache-2.0 Imports: 7 Imported by: 5

Documentation

Overview

Package mstypes implements representations of Microsoft types for PAC processing.

Index

Constants

View Source 
const (
	CompressionFormatNone       uint16 = 0
	CompressionFormatLZNT1      uint16 = 2
	CompressionFormatXPress     uint16 = 3
	CompressionFormatXPressHuff uint16 = 4
)

Compression format assigned numbers.

View Source 
const (
	ClaimTypeIDInt64    uint16 = 1
	ClaimTypeIDUInt64   uint16 = 2
	ClaimTypeIDString   uint16 = 3
	ClaimsTypeIDBoolean uint16 = 6
)

Claim Type assigned numbers

View Source 
const (
	SEGroupMandatory        = 31
	SEGroupEnabledByDefault = 30
	SEGroupEnabled          = 29
	SEGroupOwner            = 28
	SEGroupResource         = 2
)

Attributes of a security group membership and can be combined by using the bitwise OR operation. They are used by an access check mechanism to specify whether the membership is to be used in an access check decision.

View Source 
const ClaimsSourceTypeAD uint16 = 1

ClaimsSourceType

Variables

This section is empty.

Functions

func FillClaimEntry added in v5.3.0 

func FillClaimEntry(b *[]byte, p *int, e *binary.ByteOrder, c *ClaimEntry) (err error)

FillClaimEntry reads a ClaimEntry from the bytes slice.

func ReadClaimEntriesUnionHeaders added in v5.3.0 

func ReadClaimEntriesUnionHeaders(b *[]byte, p *int, e *binary.ByteOrder) (uint16, uint32, error)

func SetFlag 

func SetFlag(a *uint32, i uint)

SetFlag sets a flag in a uint32 attribute value.

Types

type ClaimEntry added in v5.3.0 

type ClaimEntry struct {
	ID         string //utf16string
	Type       uint16 // enums are 16 bit https://msdn.microsoft.com/en-us/library/windows/desktop/aa366818(v=vs.85).aspx
	TypeInt64  ClaimTypeInt64
	TypeUInt64 ClaimTypeUInt64
	TypeString ClaimTypeString
	TypeBool   ClaimTypeBoolean
}

ClaimEntry implements https://msdn.microsoft.com/en-us/library/hh536374.aspx

type ClaimTypeBoolean added in v5.3.0 

type ClaimTypeBoolean struct {
	ValueCount uint32
	Value      []bool
}

ClaimTypeBoolean is a claim of type bool

type ClaimTypeInt64 added in v5.3.0 

type ClaimTypeInt64 struct {
	ValueCount uint32
	Value      []int64
}

ClaimTypeInt64 is a claim of type int64

type ClaimTypeString added in v5.3.0 

type ClaimTypeString struct {
	ValueCount uint32
	Value      []string
}

ClaimTypeString is a claim of type string

type ClaimTypeUInt64 added in v5.3.0 

type ClaimTypeUInt64 struct {
	ValueCount uint32
	Value      []uint64
}

ClaimTypeUInt64 is a claim of type uint64

type ClaimsArray added in v5.3.0 

type ClaimsArray struct {
	ClaimsSourceType uint16
	ClaimsCount      uint32
	ClaimsEntries    []ClaimEntry
}

ClaimsArray implements https://msdn.microsoft.com/en-us/library/hh536458.aspx

func ReadClaimsArray added in v5.3.0 

func ReadClaimsArray(b *[]byte, p *int, e *binary.ByteOrder) (c ClaimsArray, err error)

ReadClaimsArray reads a ClaimsArray from the bytes slice.

type ClaimsBlob added in v5.3.0 

type ClaimsBlob struct {
	Size        uint32
	EncodedBlob []byte
}

ClaimsBlob implements https://msdn.microsoft.com/en-us/library/hh554119.aspx

func ReadClaimsBlob added in v5.3.0 

func ReadClaimsBlob(b *[]byte, p *int, e *binary.ByteOrder) (c ClaimsBlob)

ReadClaimsBlob reads a ClaimsBlob from the byte slice.

type ClaimsSet added in v5.3.0 

type ClaimsSet struct {
	ClaimsArrayCount uint32
	ClaimsArrays     []ClaimsArray
	ReservedType     uint16

	ReservedField []byte
	// contains filtered or unexported fields
}

ClaimSet implements https://msdn.microsoft.com/en-us/library/hh554122.aspx

func ReadClaimsSet added in v5.3.0 

func ReadClaimsSet(b []byte) (c ClaimsSet, err error)

ReadClaimsSet reads a ClaimsSet from the bytes slice.

type ClaimsSetMetadata 

type ClaimsSetMetadata struct {
	ClaimsSet         ClaimsSet
	CompressionFormat uint16 // Enum see constants for options

	ReservedType uint16

	ReservedField []byte
	// contains filtered or unexported fields
}

ClaimsSetMetadata implements https://msdn.microsoft.com/en-us/library/hh554073.aspx

func ReadClaimsSetMetadata 

func ReadClaimsSetMetadata(b *[]byte, p *int, e *binary.ByteOrder) (c ClaimsSetMetadata, err error)

ReadClaimsSetMetadata reads a ClaimsSetMetadata from the bytes slice.

type CypherBlock 

type CypherBlock struct {
	Data []byte // size = 8
}

CypherBlock implements https://msdn.microsoft.com/en-us/library/cc237040.aspx

type DomainGroupMembership 

type DomainGroupMembership struct {
	DomainID   RPCSID
	GroupCount uint32
	GroupIDs   []GroupMembership // Size is value of GroupCount
}

DomainGroupMembership implements https://msdn.microsoft.com/en-us/library/hh536344.aspx DomainId: A SID structure that contains the SID for the domain.This member is used in conjunction with the GroupIds members to create group SIDs for the device. GroupCount: A 32-bit unsigned integer that contains the number of groups within the domain to which the account belongs. GroupIds: A pointer to a list of GROUP_MEMBERSHIP structures that contain the groups to which the account belongs in the domain. The number of groups in this list MUST be equal to GroupCount.

func ReadDomainGroupMembership 

func ReadDomainGroupMembership(b *[]byte, p *int, e *binary.ByteOrder) (DomainGroupMembership, error)

ReadDomainGroupMembership reads a DomainGroupMembership from the bytes slice.

type FileTime 

type FileTime struct {
	LowDateTime  uint32
	HighDateTime uint32
}

FileTime implements the Microsoft FILETIME type https://msdn.microsoft.com/en-us/library/cc230324.aspx

func GetFileTime 

func GetFileTime(t time.Time) FileTime

GetFileTime returns a FileTime type from the provided Golang Time type.

func ReadFileTime 

func ReadFileTime(b *[]byte, p *int, e *binary.ByteOrder) FileTime

ReadFileTime reads a FileTime from the bytes slice.

func (FileTime) MSEpoch 

func (ft FileTime) MSEpoch() int64

MSEpoch returns the FileTime as a Microsoft epoch, the number of 100 nano second periods elapsed from January 1, 1601 UTC.

func (FileTime) Time 

func (ft FileTime) Time() time.Time

Time return a golang Time type from the FileTime

func (FileTime) Unix 

func (ft FileTime) Unix() int64

Unix returns the FileTime as a Unix time, the number of seconds elapsed since January 1, 1970 UTC.

type GroupMembership 

type GroupMembership struct {
	RelativeID uint32
	Attributes uint32
}

GroupMembership implements https://msdn.microsoft.com/en-us/library/cc237945.aspx RelativeID : A 32-bit unsigned integer that contains the RID of a particular group. The possible values for the Attributes flags are identical to those specified in KERB_SID_AND_ATTRIBUTES

func ReadGroupMembership 

func ReadGroupMembership(b *[]byte, p *int, e *binary.ByteOrder) GroupMembership

ReadGroupMembership reads a GroupMembership from the bytes slice.

type KerbSidAndAttributes 

type KerbSidAndAttributes struct {
	SID        RPCSID // A pointer to an RPC_SID structure.
	Attributes uint32
}

KerbSidAndAttributes implements https://msdn.microsoft.com/en-us/library/cc237947.aspx

func ReadKerbSidAndAttributes 

func ReadKerbSidAndAttributes(b *[]byte, p *int, e *binary.ByteOrder) (KerbSidAndAttributes, error)

ReadKerbSidAndAttributes reads a KerbSidAndAttribute from the bytes slice.

type RPCSID 

type RPCSID struct {
	Revision            uint8                     // An 8-bit unsigned integer that specifies the revision level of the SID. This value MUST be set to 0x01.
	SubAuthorityCount   uint8                     // An 8-bit unsigned integer that specifies the number of elements in the SubAuthority array. The maximum number of elements allowed is 15.
	IdentifierAuthority RPCSIDIdentifierAuthority // An RPC_SID_IDENTIFIER_AUTHORITY structure that indicates the authority under which the SID was created. It describes the entity that created the SID. The Identifier Authority value {0,0,0,0,0,5} denotes SIDs created by the NT SID authority.
	SubAuthority        []uint32                  // A variable length array of unsigned 32-bit integers that uniquely identifies a principal relative to the IdentifierAuthority. Its length is determined by SubAuthorityCount.
}

RPCSID implements https://msdn.microsoft.com/en-us/library/cc230364.aspx

func ReadRPCSID 

func ReadRPCSID(b *[]byte, p *int, e *binary.ByteOrder) (RPCSID, error)

ReadRPCSID reads a RPC_SID from the bytes slice.

func (*RPCSID) ToString 

func (s *RPCSID) ToString() string

ToString returns the string representation of the RPC_SID.

type RPCSIDIdentifierAuthority 

type RPCSIDIdentifierAuthority struct {
	Value []byte // 6 bytes
}

RPCSIDIdentifierAuthority implements https://msdn.microsoft.com/en-us/library/cc230372.aspx

func ReadRPCSIDIdentifierAuthority 

func ReadRPCSIDIdentifierAuthority(b *[]byte, p *int, e *binary.ByteOrder) RPCSIDIdentifierAuthority

ReadRPCSIDIdentifierAuthority reads a RPC_SIDIdentifierAuthority from the bytes slice.

type RPCUnicodeString 

type RPCUnicodeString struct {
	Length        uint16 // The length, in bytes, of the string pointed to by the Buffer member, not including the terminating null character if any. The length MUST be a multiple of 2. The length SHOULD equal the entire size of the Buffer, in which case there is no terminating null character. Any method that accesses this structure MUST use the Length specified instead of relying on the presence or absence of a null character.
	MaximumLength uint16 // The maximum size, in bytes, of the string pointed to by Buffer. The size MUST be a multiple of 2. If not, the size MUST be decremented by 1 prior to use. This value MUST not be less than Length.
	BufferPrt     uint32 // A pointer to a string buffer. If MaximumLength is greater than zero, the buffer MUST contain a non-null value.
	Value         string
}

RPCUnicodeString implements https://msdn.microsoft.com/en-us/library/cc230365.aspx

func ReadRPCUnicodeString 

func ReadRPCUnicodeString(b *[]byte, p *int, e *binary.ByteOrder) (RPCUnicodeString, error)

ReadRPCUnicodeString reads a RPCUnicodeString from the bytes slice.

func (*RPCUnicodeString) UnmarshalString 

func (s *RPCUnicodeString) UnmarshalString(b *[]byte, p *int, e *binary.ByteOrder) (err error)

UnmarshalString populates a golang string into the RPCUnicodeString struct.

type UserSessionKey 

type UserSessionKey struct {
	Data []CypherBlock // size = 2
}

UserSessionKey implements https://msdn.microsoft.com/en-us/library/cc237080.aspx

func ReadUserSessionKey 

func ReadUserSessionKey(b *[]byte, p *int, e *binary.ByteOrder) UserSessionKey

ReadUserSessionKey reads a UserSessionKey from the bytes slice.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.