Commit 28a96758 authored by Sang Seok Lim's avatar Sang Seok Lim

Component Indexing support for BDB

- only for equality matching
- only components of ASN.1 types used in an X.509 certificate can be indexed
(composite types except for RDN and DN are not supported yet)
- how to use
index [attribute name].[component reference] eq
Ex)
index userCertificate eq
index userCertificate.toBeSigned.issuer.rdnSequence eq
index userCertificate.toBeSigned.serialNumber eq
index userCertificate.toBeSigned.version eq
parent 69ca6c9b
......@@ -81,7 +81,5 @@ have been tested successfully. But this is currently under development.
before using it, don't forget to check following status of development,
1) Not all ASN.1 types are supported yet.
See componentlib.c to check which ASN.1 types are currently supported
2) Component version of GSER encoders are not supported yet
3) Not all ComponentId of a component reference are supported yet
supported : identifier, from-beginning, count, from-end, <all>
not supported : select, content
2) Component version of GSER encoders are partly supported(primitive types
used in an X.509 certificate)
......@@ -14,7 +14,7 @@
typedef enum { BER, GSER } EncRulesType;
typedef enum AsnTypeId {
BASICTYPE_BOOLEAN,
BASICTYPE_BOOLEAN = 0,
BASICTYPE_INTEGER,
BASICTYPE_BITSTRING,
BASICTYPE_OCTETSTRING,
......
#include "component.h"
#include <component.h>
#include "asn.h"
#include "componentlib.h"
AsnTypetoMatchingRuleTable directory_component_matching_table = {
AsnTypetoMatchingRuleTable directory_component_matching_table[] = {
"1.2.36.79672281.1.13.7",
{
{ BASICTYPE_BOOLEAN,NULL,"1.3.6.1.4.1.1466.115.121.1.7", NULL },
......@@ -41,7 +41,7 @@ AsnTypetoMatchingRuleTable directory_component_matching_table = {
NULL
};
struct asntype_to_syntax asn_to_syntax_mapping_tbl[] = {
AsnTypetoSyntax asn_to_syntax_mapping_tbl[] = {
{ BASICTYPE_BOOLEAN,"Boolean","1.3.6.1.4.1.1466.115.121.1.7", NULL },
{ BASICTYPE_INTEGER,"Integer","1.3.6.1.4.1.1466.115.121.1.27", NULL },
{ BASICTYPE_BITSTRING,"Bit String","1.3.6.1.4.1.1466.115.121.1.6", NULL },
......@@ -77,3 +77,124 @@ struct asntype_to_syntax asn_to_syntax_mapping_tbl[] = {
{ ASN_COMP_CERTIFICATE, "componentCertificate", "1.2.36.79672281.1.5.2" , NULL },
{ ASNTYPE_END , NULL , NULL, NULL }
};
/*
* This table describes relationship between an ASN.1 type and its
* potential matching rules such as equality, approx, ordering, and substring
* Based on the description of this table, the following ComponentType
* table is initialized
*/
AsnTypetoCompMatchingRule asntype_to_compMR_mapping_tbl[] = {
{ BASICTYPE_BOOLEAN, "booleanMatch", NULL, NULL, NULL },
{ BASICTYPE_INTEGER, "integerMatch", NULL, "integerOrderingMatch", NULL },
{ BASICTYPE_BITSTRING, "bitStringMatch", NULL, NULL, NULL },
{ BASICTYPE_OCTETSTRING, "octetStringMatch", NULL, "octetStringOrderingMatch", NULL },
{ BASICTYPE_NULL, NULL, NULL, NULL, NULL },
{ BASICTYPE_OID, "objectIdentifierMatch", NULL, NULL, NULL },
{ BASICTYPE_REAL, NULL, NULL, NULL, NULL },
{ BASICTYPE_ENUMERATED, "integerMatch", NULL, "integerOrderingMatch", NULL },
{ BASICTYPE_NUMERIC_STR, "numericStringMatch", NULL, "numericStringOrderingMatch", "numericStringSubstringsMatch"},
{ BASICTYPE_PRINTABLE_STR, "caseIgnoreMatch", "directoryStringApproxMatch", "caseIgnoreOrderingMatch", "caseIgnoreSubstringsMatch" },
{ BASICTYPE_UNIVERSAL_STR, "caseIgnoreMatch", "directoryStringApproxMatch", "caseIgnoreOrderingMatch", "caseIgnoreSubstringsMatch" },
{ BASICTYPE_IA5_STR, "caseIgnoreMatch", "IA5StringApproxMatch", "caseIgnoreOrderingMatch", "caseIgnoreSubstringsMatch" },
{ BASICTYPE_BMP_STR, "caseIgnoreMatch", "directoryStringApproxMatch", "caseIgnoreOrderingMatch", "caseIgnoreSubstringsMatch" },
{ BASICTYPE_UTF8_STR, "caseIgnoreMatch", "directoryStringApproxMatch", "caseIgnoreOrderingMatch", "caseIgnoreSubstringsMatch" },
{ BASICTYPE_UTCTIME, NULL, NULL, NULL, NULL },
{ BASICTYPE_GENERALIZEDTIME, NULL, NULL, NULL, NULL },
{ BASICTYPE_GRAPHIC_STR, NULL, NULL, NULL, NULL },
{ BASICTYPE_VISIBLE_STR, "caseIgnoreMatch", "directoryStringApproxMatch", "caseIgnoreOrderingMatch", "caseIgnoreSubstringsMatch" },
{ BASICTYPE_GENERAL_STR, NULL, NULL, NULL, NULL },
{ BASICTYPE_OBJECTDESCRIPTOR, "objectIdentifierFirstComponentMatch", NULL, NULL, NULL },
{ BASICTYPE_VIDEOTEX_STR, NULL, NULL, NULL, NULL },
{ BASICTYPE_T61_STR, NULL, NULL, NULL, NULL },
{ BASICTYPE_OCTETCONTAINING, NULL, NULL, NULL, NULL },
{ BASICTYPE_BITCONTAINING, NULL, NULL, NULL, NULL },
{ BASICTYPE_RELATIVE_OID, "objectIdentifierFirstComponentMatch", NULL, NULL, NULL },
{ BASICTYPE_ANY, NULL, NULL, NULL, NULL },
{ COMPOSITE_ASN1_TYPE, NULL, NULL, NULL, NULL },
{ RDNSequence, "distinguishedNameMatch", NULL, NULL, NULL },
{ RelativeDistinguishedName, "rdnMatch" , NULL, NULL, NULL },
{ TelephoneNumber, NULL, NULL, NULL, NULL },
{ FacsimileTelephoneNumber__telephoneNumber, "caseIgnoreMatch", "directoryStringApproxMatch", "caseIgnoreOrderingMatch", "caseIgnoreSubstringsMatch" },
{ DirectoryString, "caseIgnoreMatch", "directoryStringApproxMatch", "caseIgnoreOrderingMatch", "caseIgnoreSubstringsMatch"},
{ ASN_COMP_CERTIFICATE, "componentFilterMatch", NULL, NULL, NULL },
{ ASNTYPE_END, NULL, NULL, NULL, NULL }
};
/*
* This table mapps an ASN type to a corresponding ComponentType which has
* equivalent contents of an existing AttributeType
*/
AsnTypetoCompType asntype_to_compType_mapping_tbl[] = {
{ BASICTYPE_BOOLEAN,{}},
{ BASICTYPE_INTEGER, {}},
{ BASICTYPE_BITSTRING, {}},
{ BASICTYPE_OCTETSTRING, {}},
{ BASICTYPE_NULL, {}},
{ BASICTYPE_OID, {}},
{ BASICTYPE_REAL, {}},
{ BASICTYPE_ENUMERATED, {}},
{ BASICTYPE_NUMERIC_STR, {}},
{ BASICTYPE_PRINTABLE_STR, {}},
{ BASICTYPE_UNIVERSAL_STR, {}},
{ BASICTYPE_IA5_STR, {}},
{ BASICTYPE_BMP_STR, {}},
{ BASICTYPE_UTF8_STR, {}},
{ BASICTYPE_UTCTIME, {}},
{ BASICTYPE_GENERALIZEDTIME, {}},
{ BASICTYPE_GRAPHIC_STR, {}},
{ BASICTYPE_VISIBLE_STR, {}},
{ BASICTYPE_GENERAL_STR,{}},
{ BASICTYPE_OBJECTDESCRIPTOR, {}},
{ BASICTYPE_VIDEOTEX_STR, {}},
{ BASICTYPE_T61_STR, {}},
{ BASICTYPE_OCTETCONTAINING, {}},
{ BASICTYPE_BITCONTAINING, {}},
{ BASICTYPE_RELATIVE_OID, {}},
{ BASICTYPE_ANY, {}},
{ COMPOSITE_ASN1_TYPE, {}},
{ RDNSequence, {}},
{ RelativeDistinguishedName, {}},
{ TelephoneNumber, {}},
{ FacsimileTelephoneNumber__telephoneNumber, {}},
{ DirectoryString, {}},
{ ASN_COMP_CERTIFICATE, {}},
{ ASNTYPE_END , {}}
};
AsnTypetoCompDesc asntype_to_compdesc_mapping_tbl[] = {
{ BASICTYPE_BOOLEAN,{}},
{ BASICTYPE_INTEGER, {}},
{ BASICTYPE_BITSTRING, {}},
{ BASICTYPE_OCTETSTRING, {}},
{ BASICTYPE_NULL, {}},
{ BASICTYPE_OID, {}},
{ BASICTYPE_REAL, {}},
{ BASICTYPE_ENUMERATED, {}},
{ BASICTYPE_NUMERIC_STR, {}},
{ BASICTYPE_PRINTABLE_STR, {}},
{ BASICTYPE_UNIVERSAL_STR, {}},
{ BASICTYPE_IA5_STR, {}},
{ BASICTYPE_BMP_STR, {}},
{ BASICTYPE_UTF8_STR, {}},
{ BASICTYPE_UTCTIME, {}},
{ BASICTYPE_GENERALIZEDTIME, {}},
{ BASICTYPE_GRAPHIC_STR, {}},
{ BASICTYPE_VISIBLE_STR, {}},
{ BASICTYPE_GENERAL_STR,{}},
{ BASICTYPE_OBJECTDESCRIPTOR, {}},
{ BASICTYPE_VIDEOTEX_STR, {}},
{ BASICTYPE_T61_STR, {}},
{ BASICTYPE_OCTETCONTAINING, {}},
{ BASICTYPE_BITCONTAINING, {}},
{ BASICTYPE_RELATIVE_OID, {}},
{ BASICTYPE_ANY, {}},
{ COMPOSITE_ASN1_TYPE, {}},
{ RDNSequence, {}},
{ RelativeDistinguishedName, {}},
{ TelephoneNumber, {}},
{ FacsimileTelephoneNumber__telephoneNumber, {}},
{ DirectoryString, {}},
{ ASN_COMP_CERTIFICATE, {}},
{ ASNTYPE_END , {}}
};
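Review bot: The three new tables are consumed by position, but nothing states or checks that row N carries type id N. `init_component_description_table` reads `asntype_to_compMR_mapping_tbl[id]`, `asntype_to_compType_mapping_tbl[id]` and `asntype_to_compdesc_mapping_tbl[id]` with `id` running over `AsnTypeId`. A row added or reordered here without the matching enum change would attach the wrong matching rules to a type, or index past the end of a table. I would add a comment on each table such as `/* rows are indexed by AsnTypeId; keep in enum order */` and a startup check that `asntype_to_compMR_mapping_tbl[id].atc_typeId == id`. Separately, `asntype_to_compdesc_mapping_tbl` has no header comment, and the `{}` initializers are a compiler extension before C23, so `{0}` would be the portable spelling.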
......@@ -18,7 +18,7 @@ BDecComponentAuthorityKeyIdentifierTop( void* mem_op, GenBuf* b, void *v, AsnLen
return (-1);
}
return BDecComponentAuthorityKeyIdentifier( mem_op, b, tag, elmtLen, (ComponentSyntaxInfo*)v,(int*)bytesDecoded, mode );
return BDecComponentAuthorityKeyIdentifier( mem_op, b, tag, elmtLen, ( ComponentAuthorityKeyIdentifier**)v, (AsnLen*)bytesDecoded, mode );
}
......@@ -45,7 +45,7 @@ MatchingComponentOtherName ( char* oid, ComponentSyntaxInfo* csi_attr, Component
if ( rc != LDAP_COMPARE_TRUE )
return rc;
rc = SetAnyTypeByComponentOid ((ComponentSyntaxInfo*)&((ComponentOtherName*)csi_attr)->value, (&((ComponentOtherName*)csi_attr)->type_id));
rc = MatchingComponentAnyDefinedBy ( oid, (ComponentSyntaxInfo*)&((ComponentOtherName*)csi_attr)->value, (ComponentSyntaxInfo*)&((ComponentOtherName*)csi_assert)->value);
rc = MatchingComponentAnyDefinedBy ( oid, (ComponentAny*)&((ComponentOtherName*)csi_attr)->value, (ComponentAny*)&((ComponentOtherName*)csi_assert)->value);
if ( rc != LDAP_COMPARE_TRUE )
return rc;
return LDAP_COMPARE_TRUE;
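Review bot: The result of `SetAnyTypeByComponentOid` is stored in `rc` and then overwritten by `rc = MatchingComponentAnyDefinedBy (...)` on the next statement without being tested. If setting the ANY type can fail, the match proceeds on a value whose type was never resolved. The same pair of statements appears in the hunks for `MatchingComponentORAddress`, `MatchingComponentAlgorithmIdentifier` and `MatchingComponentAttributeTypeAndValue`. Either test `rc` right after the call, as the surrounding code does with `if ( rc != LDAP_COMPARE_TRUE ) return rc;` (using whatever success value the function actually returns, which is not visible here), or drop the assignment if it cannot fail. The first argument is also still cast to `(ComponentSyntaxInfo*)` while the matching call now uses `(ComponentAny*)` for the same member; the two casts should agree. The function body starts outside this hunk.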
......@@ -267,7 +267,7 @@ MatchingComponentORAddress ( char* oid, ComponentSyntaxInfo* csi_attr, Component
if ( rc != LDAP_COMPARE_TRUE )
return rc;
rc = SetAnyTypeByComponentOid ((ComponentSyntaxInfo*)&((ComponentORAddress*)csi_attr)->value, (&((ComponentORAddress*)csi_attr)->type_id));
rc = MatchingComponentAnyDefinedBy ( oid, (ComponentSyntaxInfo*)&((ComponentORAddress*)csi_attr)->value, (ComponentSyntaxInfo*)&((ComponentORAddress*)csi_assert)->value);
rc = MatchingComponentAnyDefinedBy ( oid, (ComponentAny*)&((ComponentORAddress*)csi_attr)->value, (ComponentAny*)&((ComponentORAddress*)csi_assert)->value);
if ( rc != LDAP_COMPARE_TRUE )
return rc;
rc = MatchingComponentOcts ( oid, (ComponentSyntaxInfo*)&((ComponentORAddress*)csi_attr)->extension, (ComponentSyntaxInfo*)&((ComponentORAddress*)csi_assert)->extension );
......@@ -1615,7 +1615,7 @@ ExtractingComponentGeneralNames ( void* mem_op, ComponentReference* cr, Componen
case LDAP_COMPREF_COUNT :
k = (ComponentInt*)CompAlloc( mem_op, sizeof(ComponentInt));
k->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
k->comp_desc->cd_tag = NULL;
k->comp_desc->cd_tag = (-1);
k->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentInt;
k->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentInt;
k->comp_desc->cd_extract_i = (extract_component_from_id_func*)NULL;
......
......@@ -3,7 +3,7 @@ BEGIN
-- based on RFC 3280 and X.509
Certificate ::= SEQUENCE {
tbsCertificate TBSCertificate,
toBeSigned TBSCertificate,
signatureAlgorithm AlgorithmIdentifier,
signature BIT STRING
}
......
......@@ -18,7 +18,7 @@ BDecComponentCertificateTop( void* mem_op, GenBuf* b, void **v, AsnLen* bytesDec
return (-1);
}
return BDecComponentCertificate( mem_op, b, tag, elmtLen, (ComponentSyntaxInfo*)v,(int*)bytesDecoded, mode );
return BDecComponentCertificate( mem_op, b, tag, elmtLen, (ComponentCertificate**)v,(AsnLen*)bytesDecoded, mode );
}
void init_module_AuthenticationFramework() {
......@@ -90,7 +90,7 @@ MatchingComponentAlgorithmIdentifier ( char* oid, ComponentSyntaxInfo* csi_attr,
if ( rc != LDAP_COMPARE_TRUE )
return rc;
rc = SetAnyTypeByComponentOid ((ComponentSyntaxInfo*)&((ComponentAlgorithmIdentifier*)csi_attr)->parameters, (&((ComponentAlgorithmIdentifier*)csi_attr)->algorithm));
rc = MatchingComponentAnyDefinedBy ( oid, (ComponentSyntaxInfo*)&((ComponentAlgorithmIdentifier*)csi_attr)->parameters, (ComponentSyntaxInfo*)&((ComponentAlgorithmIdentifier*)csi_assert)->parameters);
rc = MatchingComponentAnyDefinedBy ( oid, (ComponentAny*)&((ComponentAlgorithmIdentifier*)csi_attr)->parameters, (ComponentAny*)&((ComponentAlgorithmIdentifier*)csi_assert)->parameters);
if ( rc != LDAP_COMPARE_TRUE )
return rc;
return LDAP_COMPARE_TRUE;
......@@ -792,7 +792,7 @@ MatchingComponentAttributeTypeAndValue ( char* oid, ComponentSyntaxInfo* csi_att
if ( rc != LDAP_COMPARE_TRUE )
return rc;
rc = SetAnyTypeByComponentOid ((ComponentSyntaxInfo*)&((ComponentAttributeTypeAndValue*)csi_attr)->value, (&((ComponentAttributeTypeAndValue*)csi_attr)->type));
rc = MatchingComponentAnyDefinedBy ( oid, (ComponentSyntaxInfo*)&((ComponentAttributeTypeAndValue*)csi_attr)->value, (ComponentSyntaxInfo*)&((ComponentAttributeTypeAndValue*)csi_assert)->value);
rc = MatchingComponentAnyDefinedBy ( oid, (ComponentAny*)&((ComponentAttributeTypeAndValue*)csi_attr)->value, (ComponentAny*)&((ComponentAttributeTypeAndValue*)csi_assert)->value);
if ( rc != LDAP_COMPARE_TRUE )
return rc;
return LDAP_COMPARE_TRUE;
......@@ -1514,7 +1514,7 @@ ExtractingComponentExtensions ( void* mem_op, ComponentReference* cr, ComponentE
case LDAP_COMPREF_COUNT :
k = (ComponentInt*)CompAlloc( mem_op, sizeof(ComponentInt));
k->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
k->comp_desc->cd_tag = NULL;
k->comp_desc->cd_tag = (-1);
k->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentInt;
k->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentInt;
k->comp_desc->cd_extract_i = (extract_component_from_id_func*)NULL;
......@@ -1757,7 +1757,7 @@ ExtractingComponentRelativeDistinguishedName ( void* mem_op, ComponentReference*
case LDAP_COMPREF_COUNT :
k = (ComponentInt*)CompAlloc( mem_op, sizeof(ComponentInt));
k->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
k->comp_desc->cd_tag = NULL;
k->comp_desc->cd_tag = (-1);
k->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentInt;
k->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentInt;
k->comp_desc->cd_extract_i = (extract_component_from_id_func*)NULL;
......@@ -1833,6 +1833,10 @@ int mode)
free ( t );
return -1;
}
t->comp_desc->cd_gser_encoder = (encoder_func*)NULL;
t->comp_desc->cd_ber_encoder = (encoder_func*)NULL;
t->comp_desc->cd_ldap_encoder = (encoder_func*)ConvertRDN2RFC2253;
t->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentRelativeDistinguishedName ;
t->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentRelativeDistinguishedName ;
t->comp_desc->cd_free = (comp_free_func*)NULL;
......@@ -1991,7 +1995,7 @@ ExtractingComponentRDNSequence ( void* mem_op, ComponentReference* cr, Component
case LDAP_COMPREF_COUNT :
k = (ComponentInt*)CompAlloc( mem_op, sizeof(ComponentInt));
k->comp_desc = CompAlloc( mem_op, sizeof( ComponentDesc ) );
k->comp_desc->cd_tag = NULL;
k->comp_desc->cd_tag = (-1);
k->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentInt;
k->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentInt;
k->comp_desc->cd_extract_i = (extract_component_from_id_func*)NULL;
......@@ -2067,6 +2071,10 @@ int mode)
free ( t );
return -1;
}
t->comp_desc->cd_gser_encoder = (encoder_func*)NULL;
t->comp_desc->cd_ber_encoder = (encoder_func*)NULL;
t->comp_desc->cd_ldap_encoder = (encoder_func*) ConvertRDNSequence2RFC2253;
t->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentRDNSequence ;
t->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentRDNSequence ;
t->comp_desc->cd_free = (comp_free_func*)NULL;
......@@ -2140,6 +2148,9 @@ int mode)
free ( t );
return -1;
}
t->comp_desc->cd_gser_encoder = (encoder_func*)NULL;
t->comp_desc->cd_ber_encoder = (encoder_func*)NULL;
t->comp_desc->cd_ldap_encoder = (encoder_func*)ConvertRDNSequence2RFC2253;
t->comp_desc->cd_gser_decoder = (gser_decoder_func*)GDecComponentRDNSequence ;
t->comp_desc->cd_ber_decoder = (ber_decoder_func*)BDecComponentRDNSequence ;
t->comp_desc->cd_free = (comp_free_func*)NULL;
......@@ -2969,7 +2980,7 @@ MatchingComponentCertificate ( char* oid, ComponentSyntaxInfo* csi_attr, Compone
}
rc = 1;
rc = MatchingComponentTBSCertificate ( oid, (ComponentSyntaxInfo*)((ComponentCertificate*)csi_attr)->tbsCertificate, (ComponentSyntaxInfo*)((ComponentCertificate*)csi_assert)->tbsCertificate );
rc = MatchingComponentTBSCertificate ( oid, (ComponentSyntaxInfo*)((ComponentCertificate*)csi_attr)->toBeSigned, (ComponentSyntaxInfo*)((ComponentCertificate*)csi_assert)->toBeSigned );
if ( rc != LDAP_COMPARE_TRUE )
return rc;
rc = MatchingComponentAlgorithmIdentifier ( oid, (ComponentSyntaxInfo*)((ComponentCertificate*)csi_attr)->signatureAlgorithm, (ComponentSyntaxInfo*)((ComponentCertificate*)csi_assert)->signatureAlgorithm );
......@@ -2985,12 +2996,12 @@ void*
ExtractingComponentCertificate ( void* mem_op, ComponentReference* cr, ComponentCertificate *comp )
{
if ( ( comp->tbsCertificate->identifier.bv_val && strncmp(comp->tbsCertificate->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->tbsCertificate->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
if ( ( comp->toBeSigned->identifier.bv_val && strncmp(comp->toBeSigned->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->toBeSigned->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
if ( cr->cr_curr->ci_next == NULL )
return comp->tbsCertificate;
return comp->toBeSigned;
else {
cr->cr_curr = cr->cr_curr->ci_next;
return ExtractingComponentTBSCertificate ( mem_op, cr, comp->tbsCertificate );
return ExtractingComponentTBSCertificate ( mem_op, cr, comp->toBeSigned );
}
}
if ( ( comp->signatureAlgorithm->identifier.bv_val && strncmp(comp->signatureAlgorithm->identifier.bv_val, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) || ( strncmp(comp->signatureAlgorithm->id_buf, cr->cr_curr->ci_val.ci_identifier.bv_val,cr->cr_curr->ci_val.ci_identifier.bv_len) == 0 ) ) {
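Review bot: The identifier test on the `toBeSigned` line compares only the first `cr->cr_curr->ci_val.ci_identifier.bv_len` bytes, so a component reference that is a prefix of the field name, or has length zero, selects this branch. Component references come from filter and `index` configuration strings, so the comparison should be exact. I would add a length check to the first arm, `comp->toBeSigned->identifier.bv_len == cr->cr_curr->ci_val.ci_identifier.bv_len &&`, and compare against `strlen(comp->toBeSigned->id_buf)` in the second. `comp->toBeSigned` is also dereferenced without a NULL check, which matters if a decode can leave the member unset. The `signatureAlgorithm` test at the end of the hunk has the same shape, and the function continues outside the hunk.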
......@@ -3045,11 +3056,11 @@ int mode)
if (((tagId1 == MAKE_TAG_ID (UNIV, CONS, SEQ_TAG_CODE))))
{
elmtLen1 = BDecLen (b, &totalElmtsLen1 );
rc = BDecComponentTBSCertificate (mem_op, b, tagId1, elmtLen1, (&k->tbsCertificate), &totalElmtsLen1, mode);
rc = BDecComponentTBSCertificate (mem_op, b, tagId1, elmtLen1, (&k->toBeSigned), &totalElmtsLen1, mode);
if ( rc != LDAP_SUCCESS ) return rc;
(k->tbsCertificate)->identifier.bv_val = (k->tbsCertificate)->id_buf;
(k->tbsCertificate)->identifier.bv_len = strlen("tbsCertificate");
strcpy( (k->tbsCertificate)->identifier.bv_val, "tbsCertificate");
(k->toBeSigned)->identifier.bv_val = (k->toBeSigned)->id_buf;
(k->toBeSigned)->identifier.bv_len = strlen("toBeSigned");
strcpy( (k->toBeSigned)->identifier.bv_val, "toBeSigned");
tagId1 = BDecTag (b, &totalElmtsLen1);
}
else
......@@ -3151,11 +3162,11 @@ int mode)
Asn1Error("Error during Reading identifier");
return LDAP_PROTOCOL_ERROR;
}
if ( strncmp( peek_head, "tbsCertificate", strlen("tbsCertificate") ) == 0 ) {
rc = GDecComponentTBSCertificate (mem_op, b, (&k->tbsCertificate), bytesDecoded, mode);
if ( strncmp( peek_head, "toBeSigned", strlen("toBeSigned") ) == 0 ) {
rc = GDecComponentTBSCertificate (mem_op, b, (&k->toBeSigned), bytesDecoded, mode);
if ( rc != LDAP_SUCCESS ) return rc;
( k->tbsCertificate)->identifier.bv_val = peek_head;
( k->tbsCertificate)->identifier.bv_len = strLen;
( k->toBeSigned)->identifier.bv_val = peek_head;
( k->toBeSigned)->identifier.bv_len = strLen;
if( !(strLen = LocateNextGSERToken(mem_op,b,&peek_head,GSER_NO_COPY)) ){
Asn1Error("Error during Reading , ");
return LDAP_PROTOCOL_ERROR;
......
......@@ -346,7 +346,7 @@ typedef struct Certificate /* SEQUENCE */
ComponentDesc* comp_desc;
struct berval identifier;
char id_buf[MAX_IDENTIFIER_LEN];
ComponentTBSCertificate* tbsCertificate; /* TBSCertificate */
ComponentTBSCertificate* toBeSigned; /* TBSCertificate */
ComponentAlgorithmIdentifier* signatureAlgorithm; /* AlgorithmIdentifier */
ComponentBits signature; /* BIT STRING */
} ComponentCertificate;
......
......@@ -29,6 +29,24 @@
#define MAX_IDENTIFIER_LEN 128
#define COMPONENTNOT_NULL(ptr) ((ptr) != NULL)
typedef struct slap_component_type {
/*
* Don't change the order of following fields
* They are identical the first 9 fields of
* AttributeType
*/
LDAPAttributeType ct_atype;
struct berval ct_cname;
struct slap_attribute_type *ct_sup;
struct slap_attribute_type **ct_subtypes;
MatchingRule *ct_equality;
MatchingRule *ct_approx;
MatchingRule *ct_ordering;
MatchingRule *ct_substr;
Syntax *ct_syntax;
} ComponentType;
/*
* BIT STRING
*/
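Review bot: `ComponentType` is only safe to hand out as an `AttributeType*` while its nine members stay layout-compatible with the start of `AttributeType`, and the comment is the only thing enforcing that. The cast happens in `init_component_description_table`, which stores `(AttributeType*)&...ac_comp_type` in `cd_comp_type`. Any consumer that reads an `AttributeType` member beyond the ninth through that pointer reads past the end of the `ComponentType` object. I would extend the comment to name that cast site and state that only these nine members may be accessed through it, and add a compile-time offset or size check beside the typedef so a change to either struct fails the build. The comment's "identical the first 9 fields" should read "identical to the first 9 fields".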
......@@ -447,6 +465,25 @@ typedef struct asntype_to_syntax {
Syntax *ats_syn;
} AsnTypetoSyntax;
typedef struct asntype_to_comp_matchingrule {
AsnTypeId atc_typeId;
char* atc_equality;
char* atc_approx;
char* atc_ordering;
char* atc_substr;
} AsnTypetoCompMatchingRule;
typedef struct asntype_to_comp_desc {
AsnTypeId atcd_typeId;
ComponentDesc atcd_cd;
} AsnTypetoCompDesc;
typedef struct asntype_to_comp_type {
AsnTypeId ac_asn_id;
ComponentType ac_comp_type;
} AsnTypetoCompType;
/* refined matching purpose */
typedef struct asntype_to_matchingrule {
AsnTypeId atmr_typeId;
char* atmr_mr_name;
......@@ -461,8 +498,6 @@ typedef struct asntype_to_matchingrule_table {
struct asntype_to_matchingrule_table* atmr_table_next;
} AsnTypetoMatchingRuleTable;
extern AsnTypetoSyntax asn_to_syntax_mapping_tbl[];
#define MAX_OID_LEN 256
#define MAX_OD_ENTRY 8
......@@ -543,4 +578,13 @@ typedef struct comp_irAttributeTypeAndValue /* SEQUENCE */
#define RDN_MATCH_OID "1.2.36.79672281.1.13.3"
#define DN_MATCH_OID "2.5.13.1"
extern AsnTypetoSyntax asn_to_syntax_mapping_tbl[];
extern AsnTypetoCompMatchingRule asntype_to_compMR_mapping_tbl[];
extern AsnTypetoCompType asntype_to_compType_mapping_tbl[];
extern AsnTypetoCompDesc asntype_to_compdesc_mapping_tbl[];
int ConvertRDN2RFC2253 ( irRelativeDistinguishedName* in, struct berval *out );
int ConvertRDNSequence2RFC2253( irRDNSequence *in, struct berval* out );
void* comp_nibble_memory_allocator ( int init_mem, int inc_mem );
#endif
......@@ -65,13 +65,13 @@ add_aa_entry( int index, char* aliasing_at_name, char* aliased_at_name, char* mr
/* get and store aliasing AttributeDescription */
type.bv_val = aliasing_at_name;
type.bv_len = strlen ( aliasing_at_name );
rc = slap_bv2ad ( &type, &aa_table[index].aa_aliasing_ad,(char**)text );
rc = slap_bv2ad ( &type, &aa_table[index].aa_aliasing_ad,(const char**)text );
if ( rc != LDAP_SUCCESS ) return rc;
/* get and store aliased AttributeDescription */
type.bv_val = aliased_at_name;
type.bv_len = strlen ( aliased_at_name );
rc = slap_bv2ad ( &type, &aa_table[index].aa_aliased_ad,(char**)text );
rc = slap_bv2ad ( &type, &aa_table[index].aa_aliased_ad,(const char**)text );
if ( rc != LDAP_SUCCESS ) return rc;
/* get and store componentFilterMatch */
......@@ -82,7 +82,7 @@ add_aa_entry( int index, char* aliasing_at_name, char* aliased_at_name, char* mr
/* get and store a component filter */
type.bv_val = component_filter;
type.bv_len = strlen ( component_filter );
rc = get_comp_filter( NULL, &type, &aa_table[index].aa_cf,(char**)text);
rc = get_comp_filter( NULL, &type, &aa_table[index].aa_cf,(const char**)text);
aa_table[index].aa_cf_str = component_filter;
......@@ -99,9 +99,9 @@ add_aa_entry( int index, char* aliasing_at_name, char* aliased_at_name, char* mr
* See RFC3687 to understand the content of a component filter.
*/
char* pre_processed_comp_filter[] = {
/*1*/"item:{ component \"tbsCertificate.issuer.rdnSequence\", rule distinguishedNameMatch, value xxx }",
/*2*/"item:{ component \"tbsCertificate.serialNumber\", rule integerMatch, value xxx }",
/*3*/"and:{ item:{ component \"tbsCertificate.serialNumber\", rule integerMatch, value xxx }, item:{ component \"tbsCertificate.issuer.rdnSequence\", rule distinguishedNameMatch, value xxx } }"
/*1*/"item:{ component \"toBeSigned.issuer.rdnSequence\", rule distinguishedNameMatch, value xxx }",
/*2*/"item:{ component \"toBeSigned.serialNumber\", rule integerMatch, value xxx }",
/*3*/"and:{ item:{ component \"toBeSigned.serialNumber\", rule integerMatch, value xxx }, item:{ component \"toBeSigned.issuer.rdnSequence\", rule distinguishedNameMatch, value xxx } }"
};
static int
......@@ -125,6 +125,60 @@ init_attribute_aliasing_table ()
return LDAP_SUCCESS;
}
void
init_component_description_table () {
AsnTypeId id;
struct berval mr;
AsnTypetoSyntax* asn_to_syn;
Syntax* syn;
for ( id = BASICTYPE_BOOLEAN; id != ASNTYPE_END ; id++ ) {
#if 0
asntype_to_compType_mapping_tbl[id].ac_comp_type.ct_atype;
asntype_to_compType_mapping_tbl[id].ac_comp_type.ct_cname = {0,NULL};
#endif
asntype_to_compType_mapping_tbl[id].ac_comp_type.ct_subtypes = NULL;
asntype_to_compType_mapping_tbl[id].ac_comp_type.ct_syntax = NULL;
/* Equality Matching Rule */
if ( asntype_to_compMR_mapping_tbl[id].atc_equality ) {
mr.bv_val = asntype_to_compMR_mapping_tbl[id].atc_equality;
mr.bv_len = strlen(asntype_to_compMR_mapping_tbl[id].atc_equality);
asntype_to_compType_mapping_tbl[id].ac_comp_type.ct_equality = mr_bvfind( &mr );
}
/* Approx Matching Rule */
if ( asntype_to_compMR_mapping_tbl[id].atc_approx ) {
mr.bv_val = asntype_to_compMR_mapping_tbl[id].atc_approx;
mr.bv_len = strlen(asntype_to_compMR_mapping_tbl[id].atc_approx);
asntype_to_compType_mapping_tbl[id].ac_comp_type.ct_approx = mr_bvfind( &mr );
}
/* Ordering Matching Rule */
if ( asntype_to_compMR_mapping_tbl[id].atc_ordering ) {
mr.bv_val = asntype_to_compMR_mapping_tbl[id].atc_ordering;
mr.bv_len = strlen(asntype_to_compMR_mapping_tbl[id].atc_ordering);
asntype_to_compType_mapping_tbl[id].ac_comp_type.ct_ordering= mr_bvfind( &mr );
}
/* Substr Matching Rule */
if ( asntype_to_compMR_mapping_tbl[id].atc_substr ) {
mr.bv_val = asntype_to_compMR_mapping_tbl[id].atc_substr;
mr.bv_len = strlen(asntype_to_compMR_mapping_tbl[id].atc_substr);
asntype_to_compType_mapping_tbl[id].ac_comp_type.ct_substr = mr_bvfind( &mr );
}
/* Syntax */
asn_to_syn = &asn_to_syntax_mapping_tbl[ id ];
if ( asn_to_syn->ats_syn_oid )
syn = syn_find ( asn_to_syn->ats_syn_oid );
else
syn = NULL;
asntype_to_compType_mapping_tbl[id].ac_comp_type.ct_syntax = syn;
asntype_to_compdesc_mapping_tbl[id].atcd_cd.cd_comp_type = (AttributeType*)&asntype_to_compType_mapping_tbl[id].ac_comp_type;
}
}
MatchingRule*
retrieve_matching_rule( char* mr_oid, AsnTypeId type ) {
char* tmp;
......@@ -147,7 +201,6 @@ retrieve_matching_rule( char* mr_oid, AsnTypeId type ) {
void*
comp_convert_attr_to_comp LDAP_P (( Attribute* a, Syntax *syn, struct berval* bv ))
{
char* peek_head;
int mode, bytesDecoded, size, rc;
void* component;
......@@ -159,7 +212,7 @@ comp_convert_attr_to_comp LDAP_P (( Attribute* a, Syntax *syn, struct berval* bv
/* look for the decoder registered for the given attribute */
odm = RetrieveOidDecoderMappingbyOid( oid, strlen(oid) );
if ( !odm || (!odm->BER_Decode && odm->GSER_Decode) )
if ( !odm || (!odm->BER_Decode && !odm->GSER_Decode) )
return (void*)NULL;
buf = ExpBufAllocBuf();
......@@ -173,14 +226,14 @@ comp_convert_attr_to_comp LDAP_P (( Attribute* a, Syntax *syn, struct berval* bv
* Currently BER decoder is called for a certificate.
* The flag of Attribute will say something about it in the future
*/
if ( slap_syntax_is_ber ( syn ) ) {
if ( syn && slap_syntax_is_ber ( syn ) ) {
#if 0
rc =BDecComponentTop(odm->BER_Decode, a->a_comp_data->cd_mem_op, b, 0,0, &component,&bytesDecoded,mode ) ;
#endif
rc = odm->BER_Decode ( a->a_comp_data->cd_mem_op,b,&component,&bytesDecoded, mode );
rc = odm->BER_Decode ( a->a_comp_data->cd_mem_op, b, (ComponentSyntaxInfo*)&component, &bytesDecoded, mode );
}
else {
rc = odm->GSER_Decode( a->a_comp_data->cd_mem_op, b, component,&bytesDecoded,mode);
rc = odm->GSER_Decode( a->a_comp_data->cd_mem_op, b, (ComponentSyntaxInfo**)component, &bytesDecoded, mode);
}
ExpBufFreeBuf( buf );
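Review bot: In the `else` branch the GSER decoder is passed `(ComponentSyntaxInfo**)component`, the current value of the local, whereas the BER branch passes the address `&component`. `component` is declared as `void* component;` with no initializer in the lines shown, so the decoder would receive an indeterminate pointer as its output slot. This should probably be `(ComponentSyntaxInfo**)&component`; the BER cast to `(ComponentSyntaxInfo*)` looks like it wants the same `**` type, but confirm against the decoder typedefs, which are not on this page. Also, with the new `syn &&` test a NULL `syn` now falls through to `odm->GSER_Decode`, while the guard in the preceding hunk only rejects entries where both decoders are NULL. The selected decoder can therefore still be a NULL function pointer, so check the specific pointer before calling it. The function body starts and ends outside this hunk.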
......@@ -202,7 +255,7 @@ comp_free_component ( void* mem_op ) {
return;
}
int
void
comp_convert_assert_to_comp (
void* mem_op,
ComponentSyntaxInfo *csi_attr,
......@@ -224,7 +277,6 @@ comp_convert_assert_to_comp (