[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Storing Special German Characters in OpenLDAP as PGP-Directory
Hello and happy new year!
I try to use OpenLDAP as PGP-Directory for storing PGP keys and PGP
configuration. All seems to work fine as long as I do not try to put in any
pgpUserIDs with German 'umlauts' (funny german characters like äöüß....). If the
pgpUserID contains such a character I get the following error:
"invald syntax". LDAP-Server error: tag=105 err=21 text=pgpuserid: value #0
contains invalid data
The attribute pgpUserID is defined as Directory String:
attributetype (
1.3.6.1.4.1.3401.8.2.16
NAME 'pgpUserID'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
I think the problem is that OpenLDAP is expecting special character UTF-8 coded
(standard), but PGP sends the UserID plain uncoded.
Following is the schema I'm using:
attributetype (
1.3.6.1.4.1.3401.8.2.8
NAME 'pgpBaseKeySpaceDN'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetype (
1.3.6.1.4.1.3401.8.2.9
NAME 'pgpSoftware'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetype (
1.3.6.1.4.1.3401.8.2.10
NAME 'pgpVersion'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetype (
1.3.6.1.4.1.3401.8.2.11
NAME 'pgpKey'
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype (
1.3.6.1.4.1.3401.8.2.12
NAME 'pgpCertID'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetype (
1.3.6.1.4.1.3401.8.2.13
NAME 'pgpDisabled'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetype (
1.3.6.1.4.1.3401.8.2.14
NAME 'pgpKeyID'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetype (
1.3.6.1.4.1.3401.8.2.15
NAME 'pgpKeyType'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetype (
1.3.6.1.4.1.3401.8.2.16
NAME 'pgpUserID'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetype (
1.3.6.1.4.1.3401.8.2.17
NAME 'pgpKeyCreateTime'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetype (
1.3.6.1.4.1.3401.8.2.18
NAME 'pgpSignerID'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetype (
1.3.6.1.4.1.3401.8.2.19
NAME 'pgpRevoked'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetype (
1.3.6.1.4.1.3401.8.2.20
NAME 'pgpSubKeyID'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetype (
1.3.6.1.4.1.3401.8.2.21
NAME 'pgpKeySize'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetype (
1.3.6.1.4.1.3401.8.2.22
NAME 'pgpKeyExpireTime'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
objectclass (
1.3.6.1.4.1.3401.8.2.23
NAME 'pgpServerInfo'
SUP Top
STRUCTURAL
MUST ( objectclass $ cn $ pgpBaseKeySpaceDN )
MAY ( pgpSoftware $ pgpVersion ) )
objectclass (
1.3.6.1.4.1.3401.8.2.24
NAME 'pgpKey'
SUP Top
STRUCTURAL
MUST ( objectclass $ pgpKey )
MAY ( pgpCertID $ pgpDisabled $ pgpKeyID $ pgpKeyType $ pgpUserID $
pgpKeyCreateTime $ pgpSignerID $ pgpRevoked $ pgpSubKeyID $
pgpKeySize $ pgpKeyExpireTime ) )
Hopefully somebody here can help me.
Thanks in advance,
Joachim