Source code
Revision control
Copy as Markdown
Other Tools
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
#include "pkix_pl_ldapt.h"
SEC_ASN1_MKSUB(SEC_AnyTemplate)
SEC_ASN1_MKSUB(SEC_NullTemplate)
SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
/*
* CertificatePair ::= SEQUENCE {
* forward [0] Certificate OPTIONAL,
* reverse [1] Certificate OPTIONAL
* -- at least one of the pair shall be present --
* }
*/
const SEC_ASN1Template PKIX_PL_LDAPCrossCertPairTemplate[] = {
{ SEC_ASN1_SEQUENCE, 0, NULL, sizeof(LDAPCertPair) },
{ SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
SEC_ASN1_EXPLICIT | SEC_ASN1_XTRN | 0,
offsetof(LDAPCertPair, forward), SEC_ASN1_SUB(SEC_AnyTemplate) },
{ SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
SEC_ASN1_EXPLICIT | SEC_ASN1_XTRN | 1,
offsetof(LDAPCertPair, reverse), SEC_ASN1_SUB(SEC_AnyTemplate) },
{ 0 }
};
/*
* BindRequest ::=
* [APPLICATION 0] SEQUENCE {
* version INTEGER (1..127),
* name LDAPDN,
* authentication CHOICE {
* simple [0] OCTET STRING,
* krbv42LDAP [1] OCTET STRING,
* krbv42DSA [2] OCTET STRING
* }
* }
*
* LDAPDN ::= LDAPString
*
* LDAPString ::= OCTET STRING
*/
#define LDAPStringTemplate SEC_ASN1_SUB(SEC_OctetStringTemplate)
static const SEC_ASN1Template LDAPBindApplTemplate[] = {
{ SEC_ASN1_SEQUENCE, 0, NULL },
{ SEC_ASN1_INTEGER, offsetof(LDAPBind, version) },
{ SEC_ASN1_LDAP_STRING, offsetof(LDAPBind, bindName) },
{ SEC_ASN1_LDAP_STRING, offsetof(LDAPBind, authentication) },
{ 0 }
};
static const SEC_ASN1Template LDAPBindTemplate[] = {
{ SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION | LDAP_BIND_TYPE, 0,
LDAPBindApplTemplate, sizeof (LDAPBind) }
};
/*
* BindResponse ::= [APPLICATION 1] LDAPResult
*
* LDAPResult ::=
* SEQUENCE {
* resultCode ENUMERATED {
* success (0),
* operationsError (1),
* protocolError (2),
* timeLimitExceeded (3),
* sizeLimitExceeded (4),
* compareFalse (5),
* compareTrue (6),
* authMethodNotSupported (7),
* strongAuthRequired (8),
* noSuchAttribute (16),
* undefinedAttributeType (17),
* inappropriateMatching (18),
* constraintViolation (19),
* attributeOrValueExists (20),
* invalidAttributeSyntax (21),
* noSuchObject (32),
* aliasProblem (33),
* invalidDNSyntax (34),
* isLeaf (35),
* aliasDereferencingProblem (36),
* inappropriateAuthentication (48),
* invalidCredentials (49),
* insufficientAccessRights (50),
* busy (51),
* unavailable (52),
* unwillingToPerform (53),
* loopDetect (54),
* namingViolation (64),
* objectClassViolation (65),
* notAllowedOnNonLeaf (66),
* notAllowedOnRDN (67),
* entryAlreadyExists (68),
* objectClassModsProhibited (69),
* other (80)
* },
* matchedDN LDAPDN,
* errorMessage LDAPString
* }
*/
static const SEC_ASN1Template LDAPResultTemplate[] = {
{ SEC_ASN1_SEQUENCE, 0, NULL },
{ SEC_ASN1_ENUMERATED, offsetof(LDAPResult, resultCode) },
{ SEC_ASN1_LDAP_STRING, offsetof(LDAPResult, matchedDN) },
{ SEC_ASN1_LDAP_STRING, offsetof(LDAPResult, errorMessage) },
{ 0 }
};
static const SEC_ASN1Template LDAPBindResponseTemplate[] = {
{ SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION | LDAP_BINDRESPONSE_TYPE, 0,
LDAPResultTemplate, sizeof (LDAPBindResponse) }
};
/*
* UnbindRequest ::= [APPLICATION 2] NULL
*/
static const SEC_ASN1Template LDAPUnbindTemplate[] = {
{ SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION | SEC_ASN1_XTRN |
LDAP_UNBIND_TYPE , 0, SEC_ASN1_SUB(SEC_NullTemplate) }
};
/*
* AttributeValueAssertion ::=
* SEQUENCE {
* attributeType AttributeType,
* attributeValue AttributeValue,
* }
*
* AttributeType ::= LDAPString
* -- text name of the attribute, or dotted
* -- OID representation
*
* AttributeValue ::= OCTET STRING
*/
#define LDAPAttributeTypeTemplate LDAPStringTemplate
/*
* SubstringFilter ::=
* SEQUENCE {
* type AttributeType,
* SEQUENCE OF CHOICE {
* initial [0] LDAPString,
* any [1] LDAPString,
* final [2] LDAPString,
* }
* }
*/
#define LDAPSubstringFilterInitialTemplate LDAPStringTemplate
#define LDAPSubstringFilterAnyTemplate LDAPStringTemplate
#define LDAPSubstringFilterFinalTemplate LDAPStringTemplate
static const SEC_ASN1Template LDAPSubstringFilterChoiceTemplate[] = {
{ SEC_ASN1_CHOICE, offsetof(LDAPSubstring, selector), 0,
sizeof (LDAPFilter) },
{ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
offsetof(LDAPSubstring, item),
LDAPSubstringFilterInitialTemplate,
LDAP_INITIALSUBSTRING_TYPE },
{ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
offsetof(LDAPSubstring, item),
LDAPSubstringFilterAnyTemplate,
LDAP_ANYSUBSTRING_TYPE },
{ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
offsetof(LDAPSubstring, item),
LDAPSubstringFilterFinalTemplate,
LDAP_FINALSUBSTRING_TYPE },
{ 0 }
};
/*
* Filter ::=
* CHOICE {
* and [0] SET OF Filter,
* or [1] SET OF Filter,
* not [2] Filter,
* equalityMatch [3] AttributeValueAssertion,
* substrings [4] SubstringFilter,
* greaterOrEqual [5] AttributeValueAssertion,
* lessOrEqual [6] AttributeValueAssertion,
* present [7] AttributeType,
* approxMatch [8] AttributeValueAssertion
}
*/
static const SEC_ASN1Template LDAPSubstringFilterTemplate[] = {
{ SEC_ASN1_SEQUENCE, 0, NULL, sizeof (LDAPSubstringFilter) },
{ SEC_ASN1_LDAP_STRING, offsetof(LDAPSubstringFilter, attrType) },
{ SEC_ASN1_SEQUENCE_OF, offsetof(LDAPSubstringFilter, strings),
LDAPSubstringFilterChoiceTemplate },
{ 0 }
};
const SEC_ASN1Template LDAPFilterTemplate[]; /* forward reference */
static const SEC_ASN1Template LDAPSetOfFiltersTemplate[] = {
{ SEC_ASN1_SET_OF, 0, LDAPFilterTemplate }
};
static const SEC_ASN1Template LDAPAVAFilterTemplate[] = {
{ SEC_ASN1_SEQUENCE, 0, NULL, sizeof (LDAPAttributeValueAssertion) },
{ SEC_ASN1_LDAP_STRING, offsetof(LDAPAttributeValueAssertion, attrType) },
{ SEC_ASN1_OCTET_STRING, offsetof(LDAPAttributeValueAssertion, attrValue) },
{ 0 }
};
static const SEC_ASN1Template LDAPPresentFilterTemplate[] = {
{ SEC_ASN1_LDAP_STRING, offsetof(LDAPPresentFilter, attrType) }
};
#define LDAPEqualFilterTemplate LDAPAVAFilterTemplate
#define LDAPGreaterOrEqualFilterTemplate LDAPAVAFilterTemplate
#define LDAPLessOrEqualFilterTemplate LDAPAVAFilterTemplate
#define LDAPApproxMatchFilterTemplate LDAPAVAFilterTemplate
const SEC_ASN1Template LDAPFilterTemplate[] = {
{ SEC_ASN1_CHOICE, offsetof(LDAPFilter, selector), 0, sizeof(LDAPFilter) },
{ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
LDAP_ANDFILTER_TYPE,
offsetof(LDAPFilter, filter.andFilter.filters),
LDAPSetOfFiltersTemplate, LDAP_ANDFILTER_TYPE },
{ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
LDAP_ORFILTER_TYPE,
offsetof(LDAPFilter, filter.orFilter.filters),
LDAPSetOfFiltersTemplate, LDAP_ORFILTER_TYPE },
{ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
LDAP_NOTFILTER_TYPE | SEC_ASN1_POINTER,
offsetof(LDAPFilter, filter.notFilter),
LDAPFilterTemplate, LDAP_NOTFILTER_TYPE },
{ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
LDAP_EQUALFILTER_TYPE,
offsetof(LDAPFilter, filter.equalFilter),
LDAPEqualFilterTemplate, LDAP_EQUALFILTER_TYPE },
{ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
LDAP_SUBSTRINGFILTER_TYPE, offsetof(LDAPFilter, filter.substringFilter),
LDAPSubstringFilterTemplate, LDAP_SUBSTRINGFILTER_TYPE },
{ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
LDAP_GREATEROREQUALFILTER_TYPE,
offsetof(LDAPFilter, filter.greaterOrEqualFilter),
LDAPGreaterOrEqualFilterTemplate, LDAP_GREATEROREQUALFILTER_TYPE },
{ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
LDAP_LESSOREQUALFILTER_TYPE,
offsetof(LDAPFilter, filter.lessOrEqualFilter),
LDAPLessOrEqualFilterTemplate, LDAP_LESSOREQUALFILTER_TYPE },
{ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
LDAP_PRESENTFILTER_TYPE,
offsetof(LDAPFilter, filter.presentFilter),
LDAPPresentFilterTemplate, LDAP_PRESENTFILTER_TYPE },
{ SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
LDAP_APPROXMATCHFILTER_TYPE,
offsetof(LDAPFilter, filter.approxMatchFilter),
LDAPApproxMatchFilterTemplate, LDAP_APPROXMATCHFILTER_TYPE },
{ 0 }
};
/*
* SearchRequest ::=
* [APPLICATION 3] SEQUENCE {
* baseObject LDAPDN,
* scope ENUMERATED {
* baseObject (0),
* singleLevel (1),
* wholeSubtree (2)
* },
* derefAliases ENUMERATED {
* neverDerefAliases (0),
* derefInSearching (1),
* derefFindingBaseObj (2),
* alwaysDerefAliases (3)
* },
* sizeLimit INTEGER (0 .. MAXINT),
* -- value of 0 implies no sizeLimit
* timeLimit INTEGER (0 .. MAXINT),
* -- value of 0 implies no timeLimit
* attrsOnly BOOLEAN,
* -- TRUE, if only attributes (without values)
* -- to be returned
* filter Filter,
* attributes SEQUENCE OF AttributeType
* }
*/
static const SEC_ASN1Template LDAPAttributeTemplate[] = {
{ SEC_ASN1_LDAP_STRING, 0, NULL, sizeof (SECItem) }
};
static const SEC_ASN1Template LDAPSearchApplTemplate[] = {
{ SEC_ASN1_SEQUENCE, 0, NULL },
{ SEC_ASN1_LDAP_STRING, offsetof(LDAPSearch, baseObject) },
{ SEC_ASN1_ENUMERATED, offsetof(LDAPSearch, scope) },
{ SEC_ASN1_ENUMERATED, offsetof(LDAPSearch, derefAliases) },
{ SEC_ASN1_INTEGER, offsetof(LDAPSearch, sizeLimit) },
{ SEC_ASN1_INTEGER, offsetof(LDAPSearch, timeLimit) },
{ SEC_ASN1_BOOLEAN, offsetof(LDAPSearch, attrsOnly) },
{ SEC_ASN1_INLINE, offsetof(LDAPSearch, filter), LDAPFilterTemplate },
{ SEC_ASN1_SEQUENCE_OF, offsetof(LDAPSearch, attributes), LDAPAttributeTemplate },
{ 0 }
};
static const SEC_ASN1Template LDAPSearchTemplate[] = {
{ SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION | LDAP_SEARCH_TYPE, 0,
LDAPSearchApplTemplate, sizeof (LDAPSearch) }
};
/*
* SearchResponse ::=
* CHOICE {
* entry [APPLICATION 4] SEQUENCE {
* objectName LDAPDN,
* attributes SEQUENCE OF SEQUENCE {
* AttributeType,
* SET OF AttributeValue
* }
* }
* resultCode [APPLICATION 5] LDAPResult
* }
*/
static const SEC_ASN1Template LDAPSearchResponseAttrTemplate[] = {
{ SEC_ASN1_SEQUENCE, 0, NULL, sizeof(LDAPSearchResponseAttr) },
{ SEC_ASN1_LDAP_STRING, offsetof(LDAPSearchResponseAttr, attrType) },
{ SEC_ASN1_SET_OF | SEC_ASN1_XTRN, offsetof(LDAPSearchResponseAttr, val),
LDAPStringTemplate },
{ 0 }
};
static const SEC_ASN1Template LDAPEntryTemplate[] = {
{ SEC_ASN1_SEQUENCE, 0, NULL },
{ SEC_ASN1_LDAP_STRING, offsetof(LDAPSearchResponseEntry, objectName) },
{ SEC_ASN1_SEQUENCE_OF, offsetof(LDAPSearchResponseEntry, attributes),
LDAPSearchResponseAttrTemplate },
{ 0 }
};
static const SEC_ASN1Template LDAPSearchResponseEntryTemplate[] = {
{ SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION | LDAP_SEARCHRESPONSEENTRY_TYPE, 0,
LDAPEntryTemplate, sizeof (LDAPSearchResponseEntry) }
};
static const SEC_ASN1Template LDAPSearchResponseResultTemplate[] = {
{ SEC_ASN1_APPLICATION | LDAP_SEARCHRESPONSERESULT_TYPE, 0,
LDAPResultTemplate, sizeof (LDAPSearchResponseResult) }
};
/*
* AbandonRequest ::=
* [APPLICATION 16] MessageID
*/
static const SEC_ASN1Template LDAPAbandonTemplate[] = {
{ SEC_ASN1_INTEGER, offsetof(LDAPAbandonRequest, messageID) }
};
static const SEC_ASN1Template LDAPAbandonRequestTemplate[] = {
{ SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION | LDAP_ABANDONREQUEST_TYPE, 0,
LDAPAbandonTemplate, sizeof (LDAPAbandonRequest) }
};
/*
* LDAPMessage ::=
* SEQUENCE {
* messageID MessageID,
* protocolOp CHOICE {
* bindRequest BindRequest,
* bindResponse BindResponse,
* unbindRequest UnbindRequest,
* searchRequest SearchRequest,
* searchResponse SearchResponse,
* abandonRequest AbandonRequest
* }
* }
*
* (other choices exist, not shown)
*
* MessageID ::= INTEGER (0 .. maxInt)
*/
static const SEC_ASN1Template LDAPMessageProtocolOpTemplate[] = {
{ SEC_ASN1_CHOICE, offsetof(LDAPProtocolOp, selector), 0, sizeof (LDAPProtocolOp) },
{ SEC_ASN1_INLINE, offsetof(LDAPProtocolOp, op.bindMsg),
LDAPBindTemplate, LDAP_BIND_TYPE },
{ SEC_ASN1_INLINE, offsetof(LDAPProtocolOp, op.bindResponseMsg),
LDAPBindResponseTemplate, LDAP_BINDRESPONSE_TYPE },
{ SEC_ASN1_INLINE, offsetof(LDAPProtocolOp, op.unbindMsg),
LDAPUnbindTemplate, LDAP_UNBIND_TYPE },
{ SEC_ASN1_INLINE, offsetof(LDAPProtocolOp, op.searchMsg),
LDAPSearchTemplate, LDAP_SEARCH_TYPE },
{ SEC_ASN1_INLINE, offsetof(LDAPProtocolOp, op.searchResponseEntryMsg),
LDAPSearchResponseEntryTemplate, LDAP_SEARCHRESPONSEENTRY_TYPE },
{ SEC_ASN1_INLINE, offsetof(LDAPProtocolOp, op.searchResponseResultMsg),
LDAPSearchResponseResultTemplate, LDAP_SEARCHRESPONSERESULT_TYPE },
{ SEC_ASN1_INLINE, offsetof(LDAPProtocolOp, op.abandonRequestMsg),
LDAPAbandonRequestTemplate, LDAP_ABANDONREQUEST_TYPE },
{ 0 }
};
const SEC_ASN1Template PKIX_PL_LDAPMessageTemplate[] = {
{ SEC_ASN1_SEQUENCE, 0, NULL },
{ SEC_ASN1_INTEGER, offsetof(LDAPMessage, messageID) },
{ SEC_ASN1_INLINE, offsetof(LDAPMessage, protocolOp),
LDAPMessageProtocolOpTemplate },
{ 0 }
};
/* This function simply returns the address of the message template.
* This is necessary for Windows DLLs.
*/
SEC_ASN1_CHOOSER_IMPLEMENT(PKIX_PL_LDAPMessageTemplate)