Import from firefox-3.0b1 tarball
[mozilla-nss.git] / security / nss / lib / libpkix / pkix_pl_nss / module / pkix_pl_ldaptemplates.c
1 /*
2 * ***** BEGIN LICENSE BLOCK *****
3 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
5 * The contents of this file are subject to the Mozilla Public License Version
6 * 1.1 (the "License"); you may not use this file except in compliance with
7 * the License. You may obtain a copy of the License at
8 * http://www.mozilla.org/MPL/
10 * Software distributed under the License is distributed on an "AS IS" basis,
11 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
12 * for the specific language governing rights and limitations under the
13 * License.
15 * The Original Code is the PKIX-C library.
17 * The Initial Developer of the Original Code is
18 * Sun Microsystems, Inc.
19 * Portions created by the Initial Developer are
20 * Copyright 2004-2007 Sun Microsystems, Inc. All Rights Reserved.
22 * Contributor(s):
23 * Sun Microsystems, Inc.
25 * Alternatively, the contents of this file may be used under the terms of
26 * either the GNU General Public License Version 2 or later (the "GPL"), or
27 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
28 * in which case the provisions of the GPL or the LGPL are applicable instead
29 * of those above. If you wish to allow use of your version of this file only
30 * under the terms of either the GPL or the LGPL, and not to allow others to
31 * use your version of this file under the terms of the MPL, indicate your
32 * decision by deleting the provisions above and replace them with the notice
33 * and other provisions required by the GPL or the LGPL. If you do not delete
34 * the provisions above, a recipient may use your version of this file under
35 * the terms of any one of the MPL, the GPL or the LGPL.
37 * ***** END LICENSE BLOCK ***** */
39 #include "pkix_pl_ldapt.h"
/*
 * CertificatePair ::= SEQUENCE {
 *      forward [0]     Certificate OPTIONAL,
 *      reverse [1]     Certificate OPTIONAL
 *                      -- at least one of the pair shall be present --
 * }
 *
 * Both members are OPTIONAL, explicitly tagged, and picked up through
 * SEC_AnyTemplate. The table itself does not enforce the "at least one
 * shall be present" rule quoted above, so a consumer of LDAPCertPair has
 * to cope with both members being absent.
 */
const SEC_ASN1Template PKIX_PL_LDAPCrossCertPairTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(LDAPCertPair) },

    /* forward [0] */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
      SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_EXPLICIT | 0,
      offsetof(LDAPCertPair, forward),
      SEC_AnyTemplate },

    /* reverse [1] */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
      SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_EXPLICIT | 1,
      offsetof(LDAPCertPair, reverse),
      SEC_AnyTemplate },

    { 0 }
};
/*
 * BindRequest ::=
 *      [APPLICATION 0] SEQUENCE {
 *                      version         INTEGER (1..127),
 *                      name            LDAPDN,
 *                      authentication  CHOICE {
 *                              simple          [0] OCTET STRING,
 *                              krbv42LDAP      [1] OCTET STRING,
 *                              krbv42DSA       [2] OCTET STRING
 *                      }
 *      }
 *
 * LDAPDN ::= LDAPString
 *
 * LDAPString ::= OCTET STRING
 */

#define LDAPStringTemplate SEC_OctetStringTemplate

/*
 * Body of a BindRequest: version, bind name and authentication value,
 * stored in an LDAPBind.
 *
 * With the "simple" alternative the credential travels as a plain OCTET
 * STRING; nothing in this table protects it, so confidentiality has to
 * come from the transport underneath.
 *
 * NOTE(review): the grammar tags the authentication alternatives
 * ([0]..[2]), while the entry below is a bare SEC_ASN1_LDAP_STRING.
 * SEC_ASN1_LDAP_STRING is defined outside this file; confirm where the
 * context tag is applied.
 */
static const SEC_ASN1Template LDAPBindApplTemplate[] = {
    { SEC_ASN1_SEQUENCE,    0, NULL },
    { SEC_ASN1_INTEGER,     offsetof(LDAPBind, version) },
    { SEC_ASN1_LDAP_STRING, offsetof(LDAPBind, bindName) },
    { SEC_ASN1_LDAP_STRING, offsetof(LDAPBind, authentication) },
    { 0 }
};
/* BindRequest: the bind body wrapped in its APPLICATION tag (LDAP_BIND_TYPE). */
static const SEC_ASN1Template LDAPBindTemplate[] = {
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION | LDAP_BIND_TYPE,
      0,
      LDAPBindApplTemplate,
      sizeof (LDAPBind) }
};
/*
 * BindResponse ::= [APPLICATION 1] LDAPResult
 *
 * LDAPResult ::=
 *      SEQUENCE {
 *              resultCode      ENUMERATED {
 *                              success                         (0),
 *                              operationsError                 (1),
 *                              protocolError                   (2),
 *                              timeLimitExceeded               (3),
 *                              sizeLimitExceeded               (4),
 *                              compareFalse                    (5),
 *                              compareTrue                     (6),
 *                              authMethodNotSupported          (7),
 *                              strongAuthRequired              (8),
 *                              noSuchAttribute                 (16),
 *                              undefinedAttributeType          (17),
 *                              inappropriateMatching           (18),
 *                              constraintViolation             (19),
 *                              attributeOrValueExists          (20),
 *                              invalidAttributeSyntax          (21),
 *                              noSuchObject                    (32),
 *                              aliasProblem                    (33),
 *                              invalidDNSyntax                 (34),
 *                              isLeaf                          (35),
 *                              aliasDereferencingProblem       (36),
 *                              inappropriateAuthentication     (48),
 *                              invalidCredentials              (49),
 *                              insufficientAccessRights        (50),
 *                              busy                            (51),
 *                              unavailable                     (52),
 *                              unwillingToPerform              (53),
 *                              loopDetect                      (54),
 *                              namingViolation                 (64),
 *                              objectClassViolation            (65),
 *                              notAllowedOnNonLeaf             (66),
 *                              notAllowedOnRDN                 (67),
 *                              entryAlreadyExists              (68),
 *                              objectClassModsProhibited       (69),
 *                              other                           (80)
 *                              },
 *              matchedDN       LDAPDN,
 *              errorMessage    LDAPString
 *      }
 */

/*
 * Body of an LDAPResult. resultCode is taken as a bare ENUMERATED: this
 * table does not restrict it to the values listed above, so callers
 * should treat every code other than success (0), including codes that
 * are not in the list, as a failure. matchedDN and errorMessage come
 * from the peer and are to be handled as untrusted data.
 */
static const SEC_ASN1Template LDAPResultTemplate[] = {
    { SEC_ASN1_SEQUENCE,    0, NULL },
    { SEC_ASN1_ENUMERATED,  offsetof(LDAPResult, resultCode) },
    { SEC_ASN1_LDAP_STRING, offsetof(LDAPResult, matchedDN) },
    { SEC_ASN1_LDAP_STRING, offsetof(LDAPResult, errorMessage) },
    { 0 }
};
/* BindResponse: an LDAPResult wrapped in its APPLICATION tag (LDAP_BINDRESPONSE_TYPE). */
static const SEC_ASN1Template LDAPBindResponseTemplate[] = {
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION | LDAP_BINDRESPONSE_TYPE,
      0,
      LDAPResultTemplate,
      sizeof (LDAPBindResponse) }
};
/*
 * UnbindRequest ::= [APPLICATION 2] NULL
 *
 * NOTE(review): the grammar gives a NULL body, yet the entry below sets
 * SEC_ASN1_CONSTRUCTED like the other APPLICATION wrappers in this file.
 * Confirm the resulting encoding is the one the peer expects.
 */
static const SEC_ASN1Template LDAPUnbindTemplate[] = {
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION | LDAP_UNBIND_TYPE,
      0,
      SEC_NullTemplate }
};
/*
 * AttributeValueAssertion ::=
 *      SEQUENCE {
 *              attributeType   AttributeType,
 *              attributeValue  AttributeValue,
 *      }
 *
 * AttributeType ::= LDAPString
 *              -- text name of the attribute, or dotted
 *              -- OID representation
 *
 * AttributeValue ::= OCTET STRING
 */

/* An AttributeType is an LDAPString, so it shares the same template. */
#define LDAPAttributeTypeTemplate LDAPStringTemplate
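/*
 * SubstringFilter ::=
 *      SEQUENCE {
 *              type    AttributeType,
 *              SEQUENCE OF CHOICE {
 *                      initial [0] LDAPString,
 *                      any     [1] LDAPString,
 *                      final   [2] LDAPString,
 *              }
 *      }
 */

#define LDAPSubstringFilterInitialTemplate LDAPStringTemplate
#define LDAPSubstringFilterAnyTemplate LDAPStringTemplate
#define LDAPSubstringFilterFinalTemplate LDAPStringTemplate

/*
 * One element of the SEQUENCE OF CHOICE inside a SubstringFilter. Every
 * alternative stores its string in LDAPSubstring.item; the fourth field
 * of each alternative is the value recorded in LDAPSubstring.selector.
 *
 * The CHOICE header gives the size of the structure these offsets refer
 * to. It is sizeof (LDAPSubstring) here (the original listing had
 * sizeof (LDAPFilter)), so that the declared size matches the object
 * the table actually describes.
 */
static const SEC_ASN1Template LDAPSubstringFilterChoiceTemplate[] = {
    { SEC_ASN1_CHOICE, offsetof(LDAPSubstring, selector), 0,
      sizeof (LDAPSubstring) },

    /* initial [0] */
    { SEC_ASN1_CONTEXT_SPECIFIC | 0, offsetof(LDAPSubstring, item),
      LDAPSubstringFilterInitialTemplate, LDAP_INITIALSUBSTRING_TYPE },

    /* any [1] */
    { SEC_ASN1_CONTEXT_SPECIFIC | 1, offsetof(LDAPSubstring, item),
      LDAPSubstringFilterAnyTemplate, LDAP_ANYSUBSTRING_TYPE },

    /* final [2] */
    { SEC_ASN1_CONTEXT_SPECIFIC | 2, offsetof(LDAPSubstring, item),
      LDAPSubstringFilterFinalTemplate, LDAP_FINALSUBSTRING_TYPE },

    { 0 }
};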
/*
 * Filter ::=
 *      CHOICE {
 *              and             [0] SET OF Filter,
 *              or              [1] SET OF Filter,
 *              not             [2] Filter,
 *              equalityMatch   [3] AttributeValueAssertion,
 *              substrings      [4] SubstringFilter,
 *              greaterOrEqual  [5] AttributeValueAssertion,
 *              lessOrEqual     [6] AttributeValueAssertion,
 *              present         [7] AttributeType,
 *              approxMatch     [8] AttributeValueAssertion
 *      }
 */

/* SubstringFilter body: the attribute type followed by its substring parts. */
static const SEC_ASN1Template LDAPSubstringFilterTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (LDAPSubstringFilter) },
    { SEC_ASN1_LDAP_STRING, offsetof(LDAPSubstringFilter, attrType) },
    { SEC_ASN1_SEQUENCE_OF,
      offsetof(LDAPSubstringFilter, strings),
      LDAPSubstringFilterChoiceTemplate },
    { 0 }
};
/* Declared ahead of its definition because the filter tables refer to it recursively. */
const SEC_ASN1Template LDAPFilterTemplate[]; /* forward reference */

/* Operand list of the "and" / "or" alternatives: SET OF Filter. */
static const SEC_ASN1Template LDAPSetOfFiltersTemplate[] = {
    { SEC_ASN1_SET_OF,
      0,
      LDAPFilterTemplate }
};
/* AttributeValueAssertion: an attribute type and the value to compare against. */
static const SEC_ASN1Template LDAPAVAFilterTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (LDAPAttributeValueAssertion) },
    { SEC_ASN1_LDAP_STRING,
      offsetof(LDAPAttributeValueAssertion, attrType) },
    { SEC_ASN1_OCTET_STRING,
      offsetof(LDAPAttributeValueAssertion, attrValue) },
    { 0 }
};
/* "present" filter: carries only the attribute type whose presence is tested. */
static const SEC_ASN1Template LDAPPresentFilterTemplate[] = {
    { SEC_ASN1_LDAP_STRING,
      offsetof(LDAPPresentFilter, attrType) }
};
/* The four comparison filters all share the AttributeValueAssertion layout. */
#define LDAPEqualFilterTemplate LDAPAVAFilterTemplate
#define LDAPGreaterOrEqualFilterTemplate LDAPAVAFilterTemplate
#define LDAPLessOrEqualFilterTemplate LDAPAVAFilterTemplate
#define LDAPApproxMatchFilterTemplate LDAPAVAFilterTemplate

/*
 * Filter CHOICE. Each alternative is context-tagged with its LDAP_*_TYPE
 * value, and the same value is stored in LDAPFilter.selector (fourth
 * field of the alternative).
 *
 * NOTE(review): the and / or / not alternatives lead back to
 * LDAPFilterTemplate, so as far as this table is concerned a filter can
 * nest to any depth. If peer-supplied messages are ever decoded through
 * a template that reaches this one, confirm that the decoder or its
 * caller bounds the nesting depth.
 */
const SEC_ASN1Template LDAPFilterTemplate[] = {
    { SEC_ASN1_CHOICE, offsetof(LDAPFilter, selector), 0, sizeof(LDAPFilter) },

    /* and [0] */
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
      LDAP_ANDFILTER_TYPE,
      offsetof(LDAPFilter, filter.andFilter.filters),
      LDAPSetOfFiltersTemplate, LDAP_ANDFILTER_TYPE },

    /* or [1] */
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
      LDAP_ORFILTER_TYPE,
      offsetof(LDAPFilter, filter.orFilter.filters),
      LDAPSetOfFiltersTemplate, LDAP_ORFILTER_TYPE },

    /* not [2]: held through a pointer, since it is a nested Filter */
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
      LDAP_NOTFILTER_TYPE | SEC_ASN1_POINTER,
      offsetof(LDAPFilter, filter.notFilter),
      LDAPFilterTemplate, LDAP_NOTFILTER_TYPE },

    /* equalityMatch [3] */
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
      LDAP_EQUALFILTER_TYPE,
      offsetof(LDAPFilter, filter.equalFilter),
      LDAPEqualFilterTemplate, LDAP_EQUALFILTER_TYPE },

    /* substrings [4] */
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
      LDAP_SUBSTRINGFILTER_TYPE,
      offsetof(LDAPFilter, filter.substringFilter),
      LDAPSubstringFilterTemplate, LDAP_SUBSTRINGFILTER_TYPE },

    /* greaterOrEqual [5] */
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
      LDAP_GREATEROREQUALFILTER_TYPE,
      offsetof(LDAPFilter, filter.greaterOrEqualFilter),
      LDAPGreaterOrEqualFilterTemplate, LDAP_GREATEROREQUALFILTER_TYPE },

    /* lessOrEqual [6] */
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
      LDAP_LESSOREQUALFILTER_TYPE,
      offsetof(LDAPFilter, filter.lessOrEqualFilter),
      LDAPLessOrEqualFilterTemplate, LDAP_LESSOREQUALFILTER_TYPE },

    /* present [7] */
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
      LDAP_PRESENTFILTER_TYPE,
      offsetof(LDAPFilter, filter.presentFilter),
      LDAPPresentFilterTemplate, LDAP_PRESENTFILTER_TYPE },

    /* approxMatch [8] */
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
      LDAP_APPROXMATCHFILTER_TYPE,
      offsetof(LDAPFilter, filter.approxMatchFilter),
      LDAPApproxMatchFilterTemplate, LDAP_APPROXMATCHFILTER_TYPE },

    { 0 }
};
/*
 * SearchRequest ::=
 *      [APPLICATION 3] SEQUENCE {
 *              baseObject      LDAPDN,
 *              scope           ENUMERATED {
 *                                      baseObject      (0),
 *                                      singleLevel     (1),
 *                                      wholeSubtree    (2)
 *                              },
 *              derefAliases    ENUMERATED {
 *                                      neverDerefAliases       (0),
 *                                      derefInSearching        (1),
 *                                      derefFindingBaseObj     (2),
 *                                      alwaysDerefAliases      (3)
 *                              },
 *              sizeLimit       INTEGER (0 .. MAXINT),
 *                              -- value of 0 implies no sizeLimit
 *              timeLimit       INTEGER (0 .. MAXINT),
 *                              -- value of 0 implies no timeLimit
 *              attrsOnly       BOOLEAN,
 *                              -- TRUE, if only attributes (without values)
 *                              -- to be returned
 *              filter          Filter,
 *              attributes      SEQUENCE OF AttributeType
 *      }
 */

/* One requested attribute name; each element is a SECItem. */
static const SEC_ASN1Template LDAPAttributeTemplate[] = {
    { SEC_ASN1_LDAP_STRING,
      0,
      NULL,
      sizeof (SECItem) }
};
/*
 * Body of a SearchRequest, stored in an LDAPSearch. The filter is laid
 * out inline in LDAPSearch rather than behind a pointer.
 *
 * A sizeLimit or timeLimit of 0 means "no limit" in the SearchRequest
 * grammar, so a caller that leaves them at 0 gets no server-side bound
 * on the amount of data returned and has to bound the work itself.
 */
static const SEC_ASN1Template LDAPSearchApplTemplate[] = {
    { SEC_ASN1_SEQUENCE,    0, NULL },
    { SEC_ASN1_LDAP_STRING, offsetof(LDAPSearch, baseObject) },
    { SEC_ASN1_ENUMERATED,  offsetof(LDAPSearch, scope) },
    { SEC_ASN1_ENUMERATED,  offsetof(LDAPSearch, derefAliases) },
    { SEC_ASN1_INTEGER,     offsetof(LDAPSearch, sizeLimit) },
    { SEC_ASN1_INTEGER,     offsetof(LDAPSearch, timeLimit) },
    { SEC_ASN1_BOOLEAN,     offsetof(LDAPSearch, attrsOnly) },
    { SEC_ASN1_INLINE,      offsetof(LDAPSearch, filter), LDAPFilterTemplate },
    { SEC_ASN1_SEQUENCE_OF, offsetof(LDAPSearch, attributes),
      LDAPAttributeTemplate },
    { 0 }
};
/* SearchRequest: the search body wrapped in its APPLICATION tag (LDAP_SEARCH_TYPE). */
static const SEC_ASN1Template LDAPSearchTemplate[] = {
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION | LDAP_SEARCH_TYPE,
      0,
      LDAPSearchApplTemplate,
      sizeof (LDAPSearch) }
};
/*
 * SearchResponse ::=
 *      CHOICE {
 *              entry   [APPLICATION 4] SEQUENCE {
 *                              objectName      LDAPDN,
 *                              attributes      SEQUENCE OF SEQUENCE {
 *                                                      AttributeType,
 *                                                      SET OF AttributeValue
 *                                              }
 *                      },
 *              resultCode [APPLICATION 5] LDAPResult
 *      }
 */

/*
 * One attribute of a returned entry: its type and the set of its values.
 * Both come from the responding server; this table puts no bound on the
 * number or the length of the values.
 */
static const SEC_ASN1Template LDAPSearchResponseAttrTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(LDAPSearchResponseAttr) },
    { SEC_ASN1_LDAP_STRING,
      offsetof(LDAPSearchResponseAttr, attrType) },
    { SEC_ASN1_SET_OF,
      offsetof(LDAPSearchResponseAttr, val),
      LDAPStringTemplate },
    { 0 }
};
/* Body of a search-response entry: the object name and its attribute list. */
static const SEC_ASN1Template LDAPEntryTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL },
    { SEC_ASN1_LDAP_STRING,
      offsetof(LDAPSearchResponseEntry, objectName) },
    { SEC_ASN1_SEQUENCE_OF,
      offsetof(LDAPSearchResponseEntry, attributes),
      LDAPSearchResponseAttrTemplate },
    { 0 }
};
/* SearchResponse entry wrapped in its APPLICATION tag (LDAP_SEARCHRESPONSEENTRY_TYPE). */
static const SEC_ASN1Template LDAPSearchResponseEntryTemplate[] = {
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION |
      LDAP_SEARCHRESPONSEENTRY_TYPE,
      0,
      LDAPEntryTemplate,
      sizeof (LDAPSearchResponseEntry) }
};
/*
 * SearchResponse result: an LDAPResult under the APPLICATION tag
 * LDAP_SEARCHRESPONSERESULT_TYPE.
 *
 * NOTE(review): unlike LDAPBindResponseTemplate, which wraps the same
 * LDAPResultTemplate, this entry does not set SEC_ASN1_CONSTRUCTED.
 * Confirm the difference is intended.
 */
static const SEC_ASN1Template LDAPSearchResponseResultTemplate[] = {
    { SEC_ASN1_APPLICATION | LDAP_SEARCHRESPONSERESULT_TYPE,
      0,
      LDAPResultTemplate,
      sizeof (LDAPSearchResponseResult) }
};
/*
 * AbandonRequest ::=
 *      [APPLICATION 16] MessageID
 */

/* Body of an AbandonRequest: the ID of the message to abandon. */
static const SEC_ASN1Template LDAPAbandonTemplate[] = {
    { SEC_ASN1_INTEGER,
      offsetof(LDAPAbandonRequest, messageID) }
};
/* AbandonRequest wrapped in its APPLICATION tag (LDAP_ABANDONREQUEST_TYPE). */
static const SEC_ASN1Template LDAPAbandonRequestTemplate[] = {
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_APPLICATION |
      LDAP_ABANDONREQUEST_TYPE,
      0,
      LDAPAbandonTemplate,
      sizeof (LDAPAbandonRequest) }
};
/*
 * LDAPMessage ::=
 *      SEQUENCE {
 *              messageID       MessageID,
 *              protocolOp      CHOICE {
 *                                      bindRequest     BindRequest,
 *                                      bindResponse    BindResponse,
 *                                      unbindRequest   UnbindRequest,
 *                                      searchRequest   SearchRequest,
 *                                      searchResponse  SearchResponse,
 *                                      abandonRequest  AbandonRequest
 *                              }
 *      }
 *
 *                              (other choices exist, not shown)
 *
 * MessageID ::= INTEGER (0 .. maxInt)
 */

/*
 * protocolOp CHOICE. Each alternative is laid out inline in
 * LDAPProtocolOp.op, and its LDAP_*_TYPE value is what ends up in
 * LDAPProtocolOp.selector.
 *
 * Requests and responses sit in the same CHOICE, so a message decoded
 * from a peer may turn out to be any of these operations; the caller
 * should check the selector against the response it is waiting for.
 */
static const SEC_ASN1Template LDAPMessageProtocolOpTemplate[] = {
    { SEC_ASN1_CHOICE, offsetof(LDAPProtocolOp, selector), 0,
      sizeof (LDAPProtocolOp) },

    { SEC_ASN1_INLINE,
      offsetof(LDAPProtocolOp, op.bindMsg),
      LDAPBindTemplate, LDAP_BIND_TYPE },

    { SEC_ASN1_INLINE,
      offsetof(LDAPProtocolOp, op.bindResponseMsg),
      LDAPBindResponseTemplate, LDAP_BINDRESPONSE_TYPE },

    { SEC_ASN1_INLINE,
      offsetof(LDAPProtocolOp, op.unbindMsg),
      LDAPUnbindTemplate, LDAP_UNBIND_TYPE },

    { SEC_ASN1_INLINE,
      offsetof(LDAPProtocolOp, op.searchMsg),
      LDAPSearchTemplate, LDAP_SEARCH_TYPE },

    { SEC_ASN1_INLINE,
      offsetof(LDAPProtocolOp, op.searchResponseEntryMsg),
      LDAPSearchResponseEntryTemplate, LDAP_SEARCHRESPONSEENTRY_TYPE },

    { SEC_ASN1_INLINE,
      offsetof(LDAPProtocolOp, op.searchResponseResultMsg),
      LDAPSearchResponseResultTemplate, LDAP_SEARCHRESPONSERESULT_TYPE },

    { SEC_ASN1_INLINE,
      offsetof(LDAPProtocolOp, op.abandonRequestMsg),
      LDAPAbandonRequestTemplate, LDAP_ABANDONREQUEST_TYPE },

    { 0 }
};
/*
 * Top-level LDAPMessage: the message ID followed by the protocolOp
 * CHOICE, laid out inline in LDAPMessage. Whatever is decoded through
 * this table from a directory server is untrusted input; the table
 * checks structure only, not the values it stores.
 */
const SEC_ASN1Template PKIX_PL_LDAPMessageTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL },
    { SEC_ASN1_INTEGER,
      offsetof(LDAPMessage, messageID) },
    { SEC_ASN1_INLINE,
      offsetof(LDAPMessage, protocolOp),
      LDAPMessageProtocolOpTemplate },
    { 0 }
};
/*
 * The function generated here does nothing but return the address of
 * PKIX_PL_LDAPMessageTemplate. It is needed for Windows DLLs.
 */
SEC_ASN1_CHOOSER_IMPLEMENT(PKIX_PL_LDAPMessageTemplate)