-/* OpenSSL privatekeys have no single specific format */
-static int
-privateKeyValidate(
- Syntax *syntax,
- struct berval *val )
-{
- BerElementBuffer berbuf;
- BerElement *ber = (BerElement *)&berbuf;
- ber_tag_t tag;
- ber_len_t len;
- ber_int_t version;
-
- ber_init2( ber, val, LBER_USE_DER );
- tag = ber_skip_tag( ber, &len ); /* Sequence */
- if ( tag != LBER_SEQUENCE ) return LDAP_INVALID_SYNTAX;
- tag = ber_peek_tag( ber, &len );
- if ( tag != LBER_INTEGER ) return LDAP_INVALID_SYNTAX;
- tag = ber_get_int( ber, &version );
- /* the rest varies for RSA, DSA, EC, PKCS#8 */
- return LDAP_SUCCESS;
-}
-
-static slap_syntax_defs_rec aca_syntax = {
- "( " ACA_SCHEMA_SYN ".1 DESC 'X.509 Private Key' "
- "X-BINARY-TRANSFER-REQUIRED 'TRUE' "
- "X-NOT-HUMAN-READABLE 'TRUE' )",
- SLAP_SYNTAX_BINARY|SLAP_SYNTAX_BER,
- NULL,
- privateKeyValidate,
- NULL };
-
-static slap_mrule_defs_rec aca_mrule = {
- "( " ACA_SCHEMA_MR ".1 NAME 'privateKeyMatch' "
- "SYNTAX " ACA_SCHEMA_SYN ".1 )",
- SLAP_MR_HIDE | SLAP_MR_EQUALITY, NULL,
- NULL, NULL, octetStringMatch, octetStringIndexer,
- octetStringFilter, NULL };
-