-
Notifications
You must be signed in to change notification settings - Fork 4
/
sid.go
64 lines (52 loc) · 2.3 KB
/
sid.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
// Copyright (c) Jim Lambert
// SPDX-License-Identifier: MIT
package gldap
import (
"bytes"
"encoding/binary"
"fmt"
)
// SIDBytes creates a SID from the provided revision and identifierAuthority
func SIDBytes(revision uint8, identifierAuthority uint16) ([]byte, error) {
const op = "gldap.SidBytes"
var identifierAuthorityParts [3]uint16
identifierAuthorityParts[2] = identifierAuthority
subAuthorityCount := uint8(0)
var writer bytes.Buffer
if err := binary.Write(&writer, binary.LittleEndian, uint8(revision)); err != nil {
return nil, fmt.Errorf("%s: unable to write revision: %w", op, err)
}
if err := binary.Write(&writer, binary.LittleEndian, subAuthorityCount); err != nil {
return nil, fmt.Errorf("%s: unable to write subauthority count: %w", op, err)
}
if err := binary.Write(&writer, binary.BigEndian, identifierAuthorityParts); err != nil {
return nil, fmt.Errorf("%s: unable to write authority parts: %w", op, err)
}
return writer.Bytes(), nil
}
// SIDBytesToString will convert SID bytes to a string
func SIDBytesToString(b []byte) (string, error) {
const op = "gldap.sidBytesToString"
reader := bytes.NewReader(b)
var revision, subAuthorityCount uint8
var identifierAuthorityParts [3]uint16
if err := binary.Read(reader, binary.LittleEndian, &revision); err != nil {
return "", fmt.Errorf("%s: SID %#v convert failed reading Revision: %w", op, b, err)
}
if err := binary.Read(reader, binary.LittleEndian, &subAuthorityCount); err != nil {
return "", fmt.Errorf("%s: SID %#v convert failed reading SubAuthorityCount: %w", op, b, err)
}
if err := binary.Read(reader, binary.BigEndian, &identifierAuthorityParts); err != nil {
return "", fmt.Errorf("%s: SID %#v convert failed reading IdentifierAuthority: %w", op, b, err)
}
identifierAuthority := (uint64(identifierAuthorityParts[0]) << 32) + (uint64(identifierAuthorityParts[1]) << 16) + uint64(identifierAuthorityParts[2])
subAuthority := make([]uint32, subAuthorityCount)
if err := binary.Read(reader, binary.LittleEndian, &subAuthority); err != nil {
return "", fmt.Errorf("%s: SID %#v convert failed reading SubAuthority: %w", op, b, err)
}
result := fmt.Sprintf("S-%d-%d", revision, identifierAuthority)
for _, subAuthorityPart := range subAuthority {
result += fmt.Sprintf("-%d", subAuthorityPart)
}
return result, nil
}