def persistent_search_control(change_types,
changes_only=True,
return_ecs=True,
criticality=False):
control_value = PersistentSearchControl()
control_value.setComponentByName('changeTypes', Integer(change_types))
control_value.setComponentByName('changesOnly', Boolean(changes_only))
control_value.setComponentByName('returnECs', Boolean(return_ecs))
return build_control('2.16.840.1.113730.3.4.3', criticality, control_value)
class PersistentSearchControl(Sequence):
# PersistentSearch ::= SEQUENCE {
# changeTypes INTEGER,
# changesOnly BOOLEAN,
# returnECs BOOLEAN
# }
componentType = NamedTypes(NamedType('changeTypes', Integer()),
NamedType('changesOnly', Boolean()),
NamedType('returnECs', Boolean()))
class DnAttributes(Boolean):
"""
dnAttributes [4] BOOLEAN DEFAULT FALSE }
"""
tagSet = Boolean.tagSet.tagImplicitly(
Tag(tagClassContext, tagFormatSimple, 4))
defaultValue = Boolean(False)
class SearchRequest(Sequence):
"""
SearchRequest ::= [APPLICATION 3] SEQUENCE {
baseObject LDAPDN,
scope ENUMERATED {
baseObject (0),
singleLevel (1),
wholeSubtree (2),
... },
derefAliases ENUMERATED {
neverDerefAliases (0),
derefInSearching (1),
derefFindingBaseObj (2),
derefAlways (3) },
sizeLimit INTEGER (0 .. maxInt),
timeLimit INTEGER (0 .. maxInt),
typesOnly BOOLEAN,
filter Filter,
attributes AttributeSelection }
"""
tagSet = Sequence.tagSet.tagImplicitly(
Tag(tagClassApplication, tagFormatConstructed, 3))
componentType = NamedTypes(
NamedType('baseObject', LDAPDN()),
NamedType('scope', Scope()),
NamedType('derefAliases', DeRefAliases()),
NamedType('sizeLimit', IntegerPositive()),
NamedType('timeLimit', IntegerPositive()),
NamedType('typesOnly', Boolean()),
NamedType('filter', Filter()),
NamedType('attributes', AttributeSelection()),
)
class Control(Sequence):
"""
Control ::= SEQUENCE {
controlType LDAPOID,
criticality BOOLEAN DEFAULT FALSE,
controlValue OCTET STRING OPTIONAL }
"""
componentType = NamedTypes(
NamedType('controlType', LDAPOID()),
DefaultedNamedType('criticality', Boolean(False)),
OptionalNamedType('controlValue', OctetString()),
)
def setComponentByPosition(self,
idx,
value=None,
verifyConstraints=True,
exactTypes=False,
matchTags=True,
matchConstraints=True):
if idx == 0: # controlType
try:
cls = KNOWN_CONTROLS[value]
if self.__class__ != cls:
self.__class__ = cls
except KeyError:
pass
return Sequence.setComponentByPosition(self, idx, value,
verifyConstraints, exactTypes,
matchTags, matchConstraints)
class Control(Sequence):
"""
Control ::= SEQUENCE {
controlType LDAPOID,
criticality BOOLEAN DEFAULT FALSE,
controlValue OCTET STRING OPTIONAL }
"""
componentType = NamedTypes(
NamedType('controlType', LDAPOID()),
NamedType('criticality', Boolean(False)),
OptionalNamedType('controlValue', OctetString()),
)
class RootOfTrust(Sequence):
"""Information about the device's status.
References:
* https://developer.android.com/training/articles/security-key-attestation#certificate_schema_rootoftrust
"""
componentType = NamedTypes(
NamedType('verifiedBootKey', OctetString()),
NamedType('deviceLocked', Boolean()),
NamedType('verifiedBootState', VerifiedBootState()),
NamedType('verifiedBootHash', OctetString()),
)
class SimplePagedResultsControl(Control):
"""
pagedResultsControl ::= SEQUENCE {
controlType 1.2.840.113556.1.4.319,
criticality BOOLEAN DEFAULT FALSE,
controlValue pagedSearchControlValue }
"""
componentType = NamedTypes(
NamedType('controlType', LDAPOID()),
DefaultedNamedType('criticality', Boolean(False)),
OptionalNamedType('controlValue', OctetString()),
)
def __init__(self, criticality=False, size=1000, cookie='', **kwargs):
Control.__init__(self, **kwargs)
self['controlType'] = CONTROL_PAGEDRESULTS
self['criticality'] = criticality
self._size = size
self._cookie = cookie
self._encodeControlValue()
def _encodeControlValue(self):
self['controlValue'] = encoder.encode(
SimplePagedSearchControlValue().setComponents(
self._size, self._cookie))
def _decodeControlValue(self):
self._size, self._cookie = decoder.decode(
self['controlValue'], asn1Spec=SimplePagedSearchControlValue())[0]
def getCriticality(self):
return self['criticality']
def setCritical(self, value):
self['criticality'] = value
def getSize(self):
self._decodeControlValue()
return self._size
def setSize(self, value):
self._size = value
self._encodeControlValue()
def getCookie(self):
self._decodeControlValue()
return self._cookie
def setCookie(self, value):
self._cookie = value
self._encodeControlValue()
class MatchingRuleAssertion(Sequence):
"""
MatchingRuleAssertion ::= SEQUENCE {
matchingRule [1] MatchingRuleId OPTIONAL,
type [2] AttributeDescription OPTIONAL,
matchValue [3] AssertionValue,
dnAttributes [4] BOOLEAN DEFAULT FALSE }
"""
componentType = NamedTypes(
OptionalNamedType('matchingRule', MatchingRuleId()),
OptionalNamedType('type', TypeDescription()),
NamedType('matchValue', matchValueAssertion()),
NamedType('dnAttributes', Boolean(False)),
)
class KerbPaPacRequest(Sequence):
componentType = NamedTypes(NamedType('include-pac', _c(0, Boolean())))