diff options
| author | João Valverde <joao.valverde@tecnico.ulisboa.pt> | 2016-03-09 03:17:51 +0000 |
|---|---|---|
| committer | João Valverde <j@v6e.pt> | 2016-03-13 21:30:24 +0000 |
| commit | 54a520d4a1151c68d0b4e5f09a8d82466fa499f3 (patch) | |
| tree | 7aacae160382098ce651ac862a5dfd5de4beff94 /epan/dissectors/asn1/pkix1implicit | |
| parent | c1f3c935bdd33090c87f0d2f84842ce9729b747a (diff) | |
Move /asn1 to /epan/dissectors
Change-Id: I1208fe3c2ba428995526f561e8f792b8d871e9a9
Reviewed-on: https://code.wireshark.org/review/14388
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: João Valverde <j@v6e.pt>
Diffstat (limited to 'epan/dissectors/asn1/pkix1implicit')
9 files changed, 781 insertions, 0 deletions
diff --git a/epan/dissectors/asn1/pkix1implicit/CMakeLists.txt b/epan/dissectors/asn1/pkix1implicit/CMakeLists.txt new file mode 100644 index 0000000000..9ddb1af8aa --- /dev/null +++ b/epan/dissectors/asn1/pkix1implicit/CMakeLists.txt @@ -0,0 +1,53 @@ +# CMakeLists.txt +# +# Wireshark - Network traffic analyzer +# By Gerald Combs <gerald@wireshark.org> +# Copyright 1998 Gerald Combs +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# + +set( PROTOCOL_NAME pkix1implicit ) + +set( PROTO_OPT ) + +set( EXT_ASN_FILE_LIST +) + +set( ASN_FILE_LIST + PKIX1IMPLICIT93.asn +) + +set( EXTRA_DIST + ${ASN_FILE_LIST} + packet-${PROTOCOL_NAME}-template.c + packet-${PROTOCOL_NAME}-template.h + ${PROTOCOL_NAME}.cnf +) + +set( SRC_FILES + ${EXTRA_DIST} + ${EXT_ASN_FILE_LIST} +) + +set( A2W_FLAGS -b ) + +set( EXTRA_CNF + "${CMAKE_CURRENT_BINARY_DIR}/../x509af/x509af-exp.cnf" + "${CMAKE_CURRENT_BINARY_DIR}/../x509ce/x509ce-exp.cnf" +) + +ASN2WRS() + diff --git a/epan/dissectors/asn1/pkix1implicit/Makefile.am b/epan/dissectors/asn1/pkix1implicit/Makefile.am new file mode 100644 index 0000000000..72d28e600b --- /dev/null +++ b/epan/dissectors/asn1/pkix1implicit/Makefile.am @@ -0,0 +1,23 @@ +# Wireshark - Network traffic analyzer +# By Gerald Combs <gerald@wireshark.org> +# Copyright 1998 Gerald Combs +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + +include ../Makefile.preinc +include Makefile.common +include ../Makefile.inc + diff --git a/epan/dissectors/asn1/pkix1implicit/Makefile.common b/epan/dissectors/asn1/pkix1implicit/Makefile.common new file mode 100644 index 0000000000..d11a40c770 --- /dev/null +++ b/epan/dissectors/asn1/pkix1implicit/Makefile.common @@ -0,0 +1,52 @@ +# Wireshark - Network traffic analyzer +# By Gerald Combs <gerald@wireshark.org> +# Copyright 1998 Gerald Combs +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + +PROTOCOL_NAME=pkix1implicit + +EXT_ASN_FILE_LIST = + +ASN_FILE_LIST = \ + PKIX1IMPLICIT93.asn + +# The packet-$(PROTOCOL_NAME)-template.h and $(PROTOCOL_NAME).asn +# files do not exist for all protocols: Please add/remove as required. +EXTRA_DIST = \ + $(EXTRA_DIST_COMMON) \ + $(ASN_FILE_LIST) \ + packet-$(PROTOCOL_NAME)-template.c \ + packet-$(PROTOCOL_NAME)-template.h \ + $(PROTOCOL_NAME).cnf \ + pkix1implicit_exp.cnf + +SRC_FILES = \ + $(EXTRA_DIST) \ + $(EXT_ASN_FILE_LIST) + +A2W_FLAGS= -b + +EXTRA_CNF= \ + $(builddir)/../x509af/x509af-exp.cnf \ + $(builddir)/../x509ce/x509ce-exp.cnf + +$(builddir)/../x509af/x509af-exp.cnf: + (cd $(builddir)/../x509af && $(MAKE_CNF_EXPORT)) + +$(builddir)/../x509ce/x509ce-exp.cnf: + (cd $(builddir)/../x509ce && $(MAKE_CNF_EXPORT)) + diff --git a/epan/dissectors/asn1/pkix1implicit/Makefile.nmake b/epan/dissectors/asn1/pkix1implicit/Makefile.nmake new file mode 100644 index 0000000000..d296638ddd --- /dev/null +++ b/epan/dissectors/asn1/pkix1implicit/Makefile.nmake @@ -0,0 +1,26 @@ +## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake +# +# Wireshark - Network traffic analyzer +# By Gerald Combs <gerald@wireshark.org> +# Copyright 1998 Gerald Combs +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + +include ../../../../config.nmake +include ../Makefile.preinc.nmake +include Makefile.common +include ../Makefile.inc.nmake + diff --git a/epan/dissectors/asn1/pkix1implicit/PKIX1IMPLICIT93.asn b/epan/dissectors/asn1/pkix1implicit/PKIX1IMPLICIT93.asn new file mode 100644 index 0000000000..23b8a402f1 --- /dev/null +++ b/epan/dissectors/asn1/pkix1implicit/PKIX1IMPLICIT93.asn @@ -0,0 +1,414 @@ +-- This file is based on PKIX1Implicit93 definition in +-- RFC2459 section b.2 +-- +--Appendix F of RFC2459 +--Appendix F. Full Copyright Statement +-- +-- Copyright (C) The Internet Society (1999). All Rights Reserved. +-- +-- This document and translations of it may be copied and furnished to +-- others, and derivative works that comment on or otherwise explain it +-- or assist in its implementation may be prepared, copied, published +-- and distributed, in whole or in part, without restriction of any +-- kind, provided that the above copyright notice and this paragraph are +-- included on all such copies and derivative works. However, this +-- document itself may not be modified in any way, such as by removing +-- the copyright notice or references to the Internet Society or other +-- Internet organizations, except as needed for the purpose of +-- developing Internet standards in which case the procedures for +-- copyrights defined in the Internet Standards process must be +-- followed, or as required to translate it into languages other than +-- English. +-- +-- The limited permissions granted above are perpetual and will not be +-- revoked by the Internet Society or its successors or assigns. +-- +-- This document and the information contained herein is provided on an +-- "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +-- TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +-- BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +-- HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +-- MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. +-- +-- +--NOTE: This ASN1 definition have been significantly modified from the original +--version in RFC2459 in order to accomodate the featuresets available +--in the Wireshark projects asn2wrs compiler. +--It has also been modified and structures have been commented out that +--are already implemented in the X509 dissectors. +--Dissectors present already in the X509 dissectors should be implemented in +--the template by hand as stubs that will just call the original +--dissector functions in X509 in order not to duplicate code. +-- +--Structures and constructs in this definition are uncommented and +--implemented on-demand when someone needs them. +-- +--If you export new types from this file, make sure to update the +--pkix1implicit_exp.cnf file with the proper definitions + + +PKIX1Implicit93 {iso(1) identified-organization(3) dod(6) internet(1) + security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-implicit-93(4)} + +DEFINITIONS IMPLICIT TAGS::= + +BEGIN + +--EXPORTS ALL + +IMPORTS + id-pe, id-qt, id-kp, id-ad, id-qt-unotice, + ORAddress, Name, RelativeDistinguishedName, + CertificateSerialNumber, CertificateList, + AlgorithmIdentifier, ub-name, DirectoryString, + Attribute, EXTENSION + FROM PKIX1Explicit93 {iso(1) identified-organization(3) + dod(6) internet(1) security(5) mechanisms(5) pkix(7) + id-mod(0) id-pkix1-explicit-93(3)} + GeneralName FROM CertificateExtensions; + + +-- Key and policy information extensions +-- +--authorityKeyIdentifier EXTENSION ::= { +-- SYNTAX AuthorityKeyIdentifier +-- IDENTIFIED BY id-ce-authorityKeyIdentifier } +-- +--AuthorityKeyIdentifier ::= SEQUENCE { +-- keyIdentifier [0] KeyIdentifier OPTIONAL, +-- authorityCertIssuer [1] GeneralNames OPTIONAL, +-- authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL } +-- ( WITH COMPONENTS {..., authorityCertIssuer PRESENT, +-- authorityCertSerialNumber PRESENT} | +-- WITH COMPONENTS {..., authorityCertIssuer ABSENT, +-- authorityCertSerialNumber ABSENT} ) +-- +KeyIdentifier ::= OCTET STRING +-- +--subjectKeyIdentifier EXTENSION ::= { +-- SYNTAX SubjectKeyIdentifier +-- IDENTIFIED BY id-ce-subjectKeyIdentifier } +-- +--SubjectKeyIdentifier ::= KeyIdentifier +-- +--keyUsage EXTENSION ::= { +-- SYNTAX KeyUsage +-- IDENTIFIED BY id-ce-keyUsage } +-- +--KeyUsage ::= BIT STRING { +-- digitalSignature (0), +-- nonRepudiation (1), +-- keyEncipherment (2), +-- dataEncipherment (3), +-- keyAgreement (4), +-- keyCertSign (5), +-- cRLSign (6), +-- encipherOnly (7), +-- decipherOnly (8) } +-- +--extendedKeyUsage EXTENSION ::= { +-- SYNTAX SEQUENCE SIZE (1..MAX) OF KeyPurposeId +-- IDENTIFIED BY id-ce-extKeyUsage } +-- +Dummy ::= NULL +--KeyPurposeId ::= OBJECT IDENTIFIER +-- +-- PKIX-defined extended key purpose OIDs +--id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 } +--id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 } +--id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 } +--id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 } +--id-kp-ipsecEndSystem OBJECT IDENTIFIER ::= { id-kp 5 } +--id-kp-ipsecTunnel OBJECT IDENTIFIER ::= { id-kp 6 } +--id-kp-ipsecUser OBJECT IDENTIFIER ::= { id-kp 7 } +--id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 } +-- +--privateKeyUsagePeriod EXTENSION ::= { +-- SYNTAX PrivateKeyUsagePeriod +-- IDENTIFIED BY { id-ce-privateKeyUsagePeriod } } +-- +--PrivateKeyUsagePeriod ::= SEQUENCE { +-- notBefore [0] GeneralizedTime OPTIONAL, +-- notAfter [1] GeneralizedTime OPTIONAL } +-- ( WITH COMPONENTS {..., notBefore PRESENT} | +-- WITH COMPONENTS {..., notAfter PRESENT} ) +-- +--certificatePolicies EXTENSION ::= { +-- SYNTAX CertificatePoliciesSyntax +-- IDENTIFIED BY id-ce-certificatePolicies } +-- +--CertificatePoliciesSyntax ::= +-- SEQUENCE SIZE (1..MAX) OF PolicyInformation +-- +--PolicyInformation ::= SEQUENCE { +-- policyIdentifier CertPolicyId, +-- policyQualifiers SEQUENCE SIZE (1..MAX) OF +-- PolicyQualifierInfo OPTIONAL } +-- +--CertPolicyId ::= OBJECT IDENTIFIER +-- +--PolicyQualifierInfo ::= SEQUENCE { +-- policyQualifierId CERT-POLICY-QUALIFIER.&id +-- ({SupportedPolicyQualifiers}), +-- qualifier CERT-POLICY-QUALIFIER.&Qualifier +-- ({SupportedPolicyQualifiers} +-- {@policyQualifierId})OPTIONAL } +-- +--SupportedPolicyQualifiers CERT-POLICY-QUALIFIER ::= { noticeToUser | +-- pointerToCPS } +-- +--CERT-POLICY-QUALIFIER ::= CLASS { +-- &id OBJECT IDENTIFIER UNIQUE, +-- &Qualifier OPTIONAL } +--WITH SYNTAX { +-- POLICY-QUALIFIER-ID &id +-- [QUALIFIER-TYPE &Qualifier] } +-- +--policyMappings EXTENSION ::= { +-- SYNTAX PolicyMappingsSyntax +-- IDENTIFIED BY id-ce-policyMappings } +-- +--PolicyMappingsSyntax ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE { +-- issuerDomainPolicy CertPolicyId, +-- subjectDomainPolicy CertPolicyId } +-- +-- Certificate subject and certificate issuer attributes extensions +-- +--subjectAltName EXTENSION ::= { +-- SYNTAX GeneralNames +-- IDENTIFIED BY id-ce-subjectAltName } +-- +--GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName +-- +--Imported from X509CE +--GeneralName ::= CHOICE { +-- otherName [0] INSTANCE OF OTHER-NAME, +-- rfc822Name [1] IA5String, +-- dNSName [2] IA5String, +-- x400Address [3] ORAddress, +-- directoryName [4] Name, +-- ediPartyName [5] EDIPartyName, +-- uniformResourceIdentifier [6] IA5String, +-- iPAddress [7] OCTET STRING, +-- registeredID [8] OBJECT IDENTIFIER +--} + +--OTHER-NAME ::= TYPE-IDENTIFIER + +EDIPartyName ::= SEQUENCE { + nameAssigner [0] DirectoryString OPTIONAL, + partyName [1] DirectoryString } + +--issuerAltName EXTENSION ::= { +-- SYNTAX GeneralNames +-- IDENTIFIED BY id-ce-issuerAltName } +-- +--subjectDirectoryAttributes EXTENSION ::= { +-- SYNTAX AttributesSyntax +-- IDENTIFIED BY id-ce-subjectDirectoryAttributes } +-- +--AttributesSyntax ::= SEQUENCE SIZE (1..MAX) OF Attribute +-- +-- Certification path constraints extensions +-- +--basicConstraints EXTENSION ::= { +-- SYNTAX BasicConstraintsSyntax +-- IDENTIFIED BY id-ce-basicConstraints } +-- +--BasicConstraintsSyntax ::= SEQUENCE { +-- cA BOOLEAN DEFAULT FALSE, +-- pathLenConstraint INTEGER (0..MAX) OPTIONAL } +-- +--nameConstraints EXTENSION ::= { +-- SYNTAX NameConstraintsSyntax +-- IDENTIFIED BY id-ce-nameConstraints } +-- +--NameConstraintsSyntax ::= SEQUENCE { +-- permittedSubtrees [0] GeneralSubtrees OPTIONAL, +-- excludedSubtrees [1] GeneralSubtrees OPTIONAL } +-- +--GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree +-- +--GeneralSubtree ::= SEQUENCE { +-- base GeneralName, +-- minimum [0] BaseDistance DEFAULT 0, +-- maximum [1] BaseDistance OPTIONAL } +-- +--BaseDistance ::= INTEGER (0..MAX) +-- +--policyConstraints EXTENSION ::= { +-- SYNTAX PolicyConstraintsSyntax +-- IDENTIFIED BY id-ce-policyConstraints } +-- +--PolicyConstraintsSyntax ::= SEQUENCE { +-- requireExplicitPolicy [0] SkipCerts OPTIONAL, +-- inhibitPolicyMapping [1] SkipCerts OPTIONAL } +-- +-- +--SkipCerts ::= INTEGER (0..MAX) +-- +-- Basic CRL extensions +-- +--cRLNumber EXTENSION ::= { +-- SYNTAX CRLNumber +-- IDENTIFIED BY id-ce-cRLNumber } +-- +--CRLNumber ::= INTEGER (0..MAX) +-- +--reasonCode EXTENSION ::= { +-- SYNTAX CRLReason +-- IDENTIFIED BY id-ce-reasonCode } +-- +--CRLReason ::= ENUMERATED { +-- unspecified (0), +-- keyCompromise (1), +-- cACompromise (2), +-- affiliationChanged (3), +-- superseded (4), +-- cessationOfOperation (5), +-- certificateHold (6), +-- removeFromCRL (8) } +-- +--instructionCode EXTENSION ::= { +-- SYNTAX HoldInstruction +-- IDENTIFIED BY id-ce-instructionCode } +-- +--HoldInstruction ::= OBJECT IDENTIFIER +-- +-- holdinstructions described in this specification, from ANSI x9 +-- +-- ANSI x9 arc holdinstruction arc +--holdInstruction OBJECT IDENTIFIER ::= { +-- joint-iso-ccitt(2) member-body(2) us(840) x9cm(10040) 2} +-- +-- ANSI X9 holdinstructions referenced by this standard +--id-holdinstruction-none OBJECT IDENTIFIER ::= {holdInstruction 1} +--id-holdinstruction-callissuer OBJECT IDENTIFIER ::= {holdInstruction 2} +--id-holdinstruction-reject OBJECT IDENTIFIER ::= {holdInstruction 3} +-- +--invalidityDate EXTENSION ::= { +-- SYNTAX GeneralizedTime +-- IDENTIFIED BY id-ce-invalidityDate } +-- +-- CRL distribution points and delta-CRL extensions +-- +--cRLDistributionPoints EXTENSION ::= { +-- +-- SYNTAX CRLDistPointsSyntax +-- IDENTIFIED BY id-ce-cRLDistributionPoints } +-- +--CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint +-- +--DistributionPoint ::= SEQUENCE { +-- distributionPoint [0] DistributionPointName OPTIONAL, +-- reasons [1] ReasonFlags OPTIONAL, +-- cRLIssuer [2] GeneralNames OPTIONAL } +-- +--DistributionPointName ::= CHOICE { +-- fullName [0] GeneralNames, +-- nameRelativeToCRLIssuer [1] RelativeDistinguishedName } +-- +--ReasonFlags ::= BIT STRING { +-- unused (0), +-- keyCompromise (1), +-- caCompromise (2), +-- affiliationChanged (3), +-- superseded (4), +-- cessationOfOperation (5), +-- certificateHold (6) } +-- +--issuingDistributionPoint EXTENSION ::= { +-- SYNTAX IssuingDistPointSyntax +-- IDENTIFIED BY id-ce-issuingDistributionPoint } +-- +--IssuingDistPointSyntax ::= SEQUENCE { +-- distributionPoint [0] DistributionPointName OPTIONAL, +-- onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE, +-- onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE, +-- onlySomeReasons [3] ReasonFlags OPTIONAL, +-- indirectCRL [4] BOOLEAN DEFAULT FALSE } +-- +--certificateIssuer EXTENSION ::= { +-- SYNTAX GeneralNames +-- IDENTIFIED BY id-ce-certificateIssuer } +-- +--deltaCRLIndicator EXTENSION ::= { +-- SYNTAX BaseCRLNumber +-- IDENTIFIED BY id-ce-deltaCRLIndicator } +-- +--BaseCRLNumber ::= CRLNumber +-- +-- Object identifier assignments for ISO certificate extensions +--id-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29} +-- +--id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= {id-ce 9} +-- +--id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= {id-ce 14} +--id-ce-keyUsage OBJECT IDENTIFIER ::= {id-ce 15} +--id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= {id-ce 16} +--id-ce-subjectAltName OBJECT IDENTIFIER ::= {id-ce 17} +--id-ce-issuerAltName OBJECT IDENTIFIER ::= {id-ce 18} +--id-ce-basicConstraints OBJECT IDENTIFIER ::= {id-ce 19} +--id-ce-cRLNumber OBJECT IDENTIFIER ::= {id-ce 20} +--id-ce-reasonCode OBJECT IDENTIFIER ::= {id-ce 21} +--id-ce-instructionCode OBJECT IDENTIFIER ::= {id-ce 23} +--id-ce-invalidityDate OBJECT IDENTIFIER ::= {id-ce 24} +--id-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= {id-ce 27} +--id-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= {id-ce 28} +--id-ce-certificateIssuer OBJECT IDENTIFIER ::= {id-ce 29} +--id-ce-nameConstraints OBJECT IDENTIFIER ::= {id-ce 30} +--id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= {id-ce 31} +--id-ce-certificatePolicies OBJECT IDENTIFIER ::= {id-ce 32} +--id-ce-policyMappings OBJECT IDENTIFIER ::= {id-ce 33} +--id-ce-policyConstraints OBJECT IDENTIFIER ::= {id-ce 36} +--id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= {id-ce 35} +--id-ce-extKeyUsage OBJECT IDENTIFIER ::= {id-ce 37} +-- +-- PKIX 1 extensions +-- +--authorityInfoAccess EXTENSION ::= { +-- SYNTAX AuthorityInfoAccessSyntax +-- IDENTIFIED BY id-pe-authorityInfoAccess } + +AuthorityInfoAccessSyntax ::= + SEQUENCE SIZE (1..MAX) OF AccessDescription + +AccessDescription ::= SEQUENCE { + accessMethod OBJECT IDENTIFIER, + accessLocation GeneralName } + +--id-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pe 1 } +-- +--id-ad-ocsp OBJECT IDENTIFIER ::= { id-ad 1 } +--id-ad-caIssuers OBJECT IDENTIFIER ::= { id-ad 2 } +-- +-- PKIX policy qualifier definitions +-- +--noticeToUser CERT-POLICY-QUALIFIER ::= { +-- POLICY-QUALIFIER-ID id-qt-cps QUALIFIER-TYPE CPSuri} +-- +--pointerToCPS CERT-POLICY-QUALIFIER ::= { +-- POLICY-QUALIFIER-ID id-qt-unotice QUALIFIER-TYPE UserNotice} +-- +--id-qt-cps OBJECT IDENTIFIER ::= { id-qt 1 } +-- +--id-qt-unotice OBJECT IDENTIFIER ::= { id-qt 2 } +-- +--CPSuri ::= IA5String +-- +UserNotice ::= SEQUENCE { + noticeRef NoticeReference OPTIONAL, + explicitText DisplayText OPTIONAL} + +NoticeReference ::= SEQUENCE { + organization DisplayText, + noticeNumbers SEQUENCE OF INTEGER } + +DisplayText ::= CHOICE { + ia5String IA5String, + visibleString VisibleString, + bmpString BMPString, + utf8String UTF8String } + + +END diff --git a/epan/dissectors/asn1/pkix1implicit/packet-pkix1implicit-template.c b/epan/dissectors/asn1/pkix1implicit/packet-pkix1implicit-template.c new file mode 100644 index 0000000000..c184514bb8 --- /dev/null +++ b/epan/dissectors/asn1/pkix1implicit/packet-pkix1implicit-template.c @@ -0,0 +1,91 @@ +/* packet-pkix1implicit.c + * Routines for PKIX1Implitic packet dissection + * + * Wireshark - Network traffic analyzer + * By Gerald Combs <gerald@wireshark.org> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "config.h" + +#include <epan/packet.h> + +#include <epan/asn1.h> +#include "packet-ber.h" +#include "packet-pkix1implicit.h" +#include "packet-pkix1explicit.h" +#include "packet-x509ce.h" + +#define PNAME "PKIX1Implitit" +#define PSNAME "PKIX1IMPLICIT" +#define PFNAME "pkix1implicit" + +void proto_register_pkix1implicit(void); +void proto_reg_handoff_pkix1implicit(void); + +/* Initialize the protocol and registered fields */ +static int proto_pkix1implicit = -1; +#include "packet-pkix1implicit-hf.c" + +/* Initialize the subtree pointers */ +#include "packet-pkix1implicit-ett.c" + + +int +dissect_pkix1implicit_ReasonFlags(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_) { + offset = dissect_x509ce_ReasonFlags(implicit_tag, tvb, offset, actx, tree, hf_index); + + return offset; +} +int +dissect_pkix1implicit_GeneralName(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_) { + offset = dissect_x509ce_GeneralName(implicit_tag, tvb, offset, actx, tree, hf_index); + + return offset; +} + +#include "packet-pkix1implicit-fn.c" + + +/*--- proto_register_pkix1implicit ----------------------------------------------*/ +void proto_register_pkix1implicit(void) { + + /* List of fields */ + static hf_register_info hf[] = { +#include "packet-pkix1implicit-hfarr.c" + }; + + /* List of subtrees */ + static gint *ett[] = { +#include "packet-pkix1implicit-ettarr.c" + }; + + /* Register protocol */ + proto_pkix1implicit = proto_register_protocol(PNAME, PSNAME, PFNAME); + + /* Register fields and subtrees */ + proto_register_field_array(proto_pkix1implicit, hf, array_length(hf)); + proto_register_subtree_array(ett, array_length(ett)); + +} + + +/*--- proto_reg_handoff_pkix1implicit -------------------------------------------*/ +void proto_reg_handoff_pkix1implicit(void) { +#include "packet-pkix1implicit-dis-tab.c" +} + diff --git a/epan/dissectors/asn1/pkix1implicit/packet-pkix1implicit-template.h b/epan/dissectors/asn1/pkix1implicit/packet-pkix1implicit-template.h new file mode 100644 index 0000000000..f4e51a2b3c --- /dev/null +++ b/epan/dissectors/asn1/pkix1implicit/packet-pkix1implicit-template.h @@ -0,0 +1,32 @@ +/* packet-pkix1implicit.h + * Routines for PKIX1Implicit packet dissection + * + * Wireshark - Network traffic analyzer + * By Gerald Combs <gerald@wireshark.org> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#ifndef PACKET_PKIX1IMPLICIT_H +#define PACKET_PKIX1IMPLICIT_H + +int dissect_pkix1implicit_GeneralName(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_); +int dissect_pkix1implicit_ReasonFlags(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_); + +#include "packet-pkix1implicit-exp.h" + +#endif /* PACKET_PKIX1IMPLICIT_H */ + diff --git a/epan/dissectors/asn1/pkix1implicit/pkix1implicit.cnf b/epan/dissectors/asn1/pkix1implicit/pkix1implicit.cnf new file mode 100644 index 0000000000..71ebc6c853 --- /dev/null +++ b/epan/dissectors/asn1/pkix1implicit/pkix1implicit.cnf @@ -0,0 +1,74 @@ +# pkix1implicit.cnf +# pkix1implicit conformation file + +#.MODULE_IMPORT +PKIX1Explicit93 pkix1explicit + +#.INCLUDE ../pkix1explicit/pkix1explicit_exp.cnf +#.IMPORT ../x509ce/x509ce-exp.cnf + +#.OMIT_ASSIGNMENT +EDIPartyName +#.END + +#.EXPORTS + +AuthorityInfoAccessSyntax +KeyIdentifier +UserNotice + +#.PDU + +#.REGISTER +AuthorityInfoAccessSyntax B "1.3.6.1.5.5.7.1.1" "id-pe-authorityInfoAccessSyntax" +Dummy B "1.3.6.1.5.5.7.3.1" "id-kp-serverAuth" +Dummy B "1.3.6.1.5.5.7.3.2" "id-kp-clientAuth" +Dummy B "1.3.6.1.5.5.7.3.3" "id-kp-codeSigning" +Dummy B "1.3.6.1.5.5.7.3.4" "id-kp-emailProtection" +Dummy B "1.3.6.1.5.5.7.3.5" "id-kp-ip-kp-ipsecEndSystem" +Dummy B "1.3.6.1.5.5.7.3.6" "id-kp-ipsecTunnel" +Dummy B "1.3.6.1.5.5.7.3.7" "id-kp-ipsecUser" +Dummy B "1.3.6.1.5.5.7.3.8" "id-kp-timeStamping" +Dummy B "1.3.6.1.5.5.7.3.9" "OCSPSigning" + +# Additional MS Enhanced Key Usage OIDs (see http://msdn2.microsoft.com/en-us/library/aa378155.aspx) + +Dummy B "1.3.6.1.4.1.311.10.12.1" "id-ms-any-application-policy" +Dummy B "1.3.6.1.4.1.311.10.3.1" "id-ms-kp-ctl-usage-signing" +Dummy B "1.3.6.1.4.1.311.10.3.2" "id-ms-kp-time-stamp-signing" +Dummy B "1.3.6.1.4.1.311.10.3.4" "id-ms-kp-efs" +Dummy B "1.3.6.1.4.1.311.10.3.4.1" "id-ms-efs-recovery" +Dummy B "1.3.6.1.4.1.311.10.3.5" "id-ms-whql-crypto" +Dummy B "1.3.6.1.4.1.311.10.3.6" "id-ms-nt5-crypto" +Dummy B "1.3.6.1.4.1.311.10.3.7" "id-ms-oem-whql-crypto" +Dummy B "1.3.6.1.4.1.311.10.3.8" "id-ms-embedded-nt-crypto" +Dummy B "1.3.6.1.4.1.311.10.3.9" "id-ms-root-list-signer" +Dummy B "1.3.6.1.4.1.311.10.3.10" "id-ms-kp-qualified-subordination" +Dummy B "1.3.6.1.4.1.311.10.3.11" "id-ms-kp-key-recovery" +Dummy B "1.3.6.1.4.1.311.10.3.12" "id-ms-kp-document-signing" +Dummy B "1.3.6.1.4.1.311.10.3.13" "id-ms-kp-lifetime-signing" + +Dummy B "1.3.6.1.4.1.311.10.5.1" "id-ms-drm" + +Dummy B "1.3.6.1.4.1.311.10.6.1" "id-ms-licenses" +Dummy B "1.3.6.1.4.1.311.10.6.2" "id-ms-license-server" + +Dummy B "1.3.6.1.4.1.311.20.1" "id-ms-auto-enroll-ctl-usage" +Dummy B "1.3.6.1.4.1.311.20.2.1" "id-ms-enrollment-agent" +Dummy B "1.3.6.1.4.1.311.20.2.2" "id-ms-kp-smartcard-logon" +Dummy B "1.3.6.1.4.1.311.21.5" "id-ms-kp-ca-exchange" +Dummy B "1.3.6.1.4.1.311.21.6" "id-ms-kp-key-recovery-agent" +Dummy B "1.3.6.1.4.1.311.21.19" "id-ms-ds-email-replication" + +Dummy B "1.3.6.1.5.5.8.2.2" "id-ms-ipsec-kp-ike-intermediate" + +UserNotice B "1.3.6.1.5.5.7.2.2" "id-qt-unotice" + +#.NO_EMIT + +#.TYPE_RENAME + +#.FIELD_RENAME + +#.END + diff --git a/epan/dissectors/asn1/pkix1implicit/pkix1implicit_exp.cnf b/epan/dissectors/asn1/pkix1implicit/pkix1implicit_exp.cnf new file mode 100644 index 0000000000..98897dd6f9 --- /dev/null +++ b/epan/dissectors/asn1/pkix1implicit/pkix1implicit_exp.cnf @@ -0,0 +1,16 @@ +#.IMPORT_TAG +AuthorityInfoAccessSyntax BER_CLASS_UNI BER_UNI_TAG_SEQUENCE +GeneralName BER_CLASS_CON -1/*choice*/ +KeyIdentifier BER_CLASS_UNI BER_UNI_TAG_OCTETSTRING +ReasonFlags BER_CLASS_UNI BER_UNI_TAG_BITSTRING +UserNotice BER_CLASS_UNI BER_UNI_TAG_SEQUENCE +#.END + +#.TYPE_ATTR +AuthorityInfoAccessSyntax TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = NULL BITMASK = 0 +GeneralName TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = NULL BITMASK = 0 +KeyIdentifier TYPE = FT_BYTES DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0 +ReasonFlags TYPE = FT_BYTES DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0 +UserNotice TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0 +#.END + |