# x509sat.cnf
# X509SAT conformation file

# $Id$

#.TYPE_ATTR
GUID			TYPE = FT_GUID  DISPLAY = BASE_NONE  STRING = NULL BITMASK = 0

#.IMPORT ../x509if/x509if-exp.cnf
#.IMPORT ../x411/x411-exp.cnf

#.CLASS CONTEXT
&Type       
&Assertion  
&id         ObjectIdentifierType
#.END
#.CLASS ATTRIBUTE
&derivation            ClassReference ATTRIBUTE
&Type                  
&equality-match        ClassReference MATCHING-RULE
&ordering-match        ClassReference MATCHING-RULE
&substrings-match      ClassReference MATCHING-RULE
&single-valued         BooleanType
&collective            BooleanType
&no-user-modification  BooleanType
&usage                 TypeReference AttributeUsage
&id                    ObjectIdentifierType
#.END
#.CLASS MATCHING-RULE
&ParentMatchingRules   ClassReference MATCHING-RULE
&AssertionType         
&uniqueMatchIndicator  ClassReference ATTRIBUTE
&id                    ObjectIdentifierType
#.END
#.MODULE_EXPORTS
CaseIgnoreListMatch
CountryName
Criteria
#DayTime
DayTimeBand
DestinationIndicator
DirectoryString
EnhancedGuide
FacsimileTelephoneNumber
InternationalISDNNumber
LanguageContextSyntax
LocaleContextSyntax
MultipleMatchingLocalities
NameAndOptionalUID
NamedDay
OctetSubstringAssertion
Period
PostalAddress
PreferredDeliveryMethod
PresentationAddress
ProtocolInformation
SubstringAssertion
TimeAssertion
TimeSpecification
TimeZone
UniqueIdentifier
X121Address
XDayOf
ZonalResult
ZonalSelect

#.PDU
CaseIgnoreListMatch
CountryName
DestinationIndicator
DirectoryString
EnhancedGuide
FacsimileTelephoneNumber
Guide
InternationalISDNNumber
NameAndOptionalUID
PostalAddress
PreferredDeliveryMethod
PresentationAddress
TelephoneNumber
TelexNumber
UniqueIdentifier
X121Address

#.REGISTER
ObjectIdentifier        B "2.5.4.0"   "id-at-objectClass"
#  - see x509if.cnf for "id-at-aliasedEntryName"
DirectoryString         B "2.5.4.2"    "id-at-knowledgeInformation"
DirectoryString         B "2.5.4.3"    "id-at-commonName"
DirectoryString         B "2.5.4.4"    "id-at-surname"
SyntaxPrintableString	B "2.5.4.5"    "id-at-serialNumber"
CountryName             B "2.5.4.6"    "id-at-countryName"
DirectoryString         B "2.5.4.7"    "id-at-localityName"
DirectoryString         B "2.5.4.7.1"  "id-at-collectiveLocalityName"
DirectoryString         B "2.5.4.8"    "id-at-stateOrProvinceName"
DirectoryString         B "2.5.4.8.1"  "id-at-collectiveStateOrProvinceName"
DirectoryString         B "2.5.4.9"    "id-at-streetAddress"
DirectoryString         B "2.5.4.9.1"  "id-at-collectiveStreetAddress"
DirectoryString         B "2.5.4.10.1" "id-at-collectiveOrganizationName"
DirectoryString         B "2.5.4.10"   "id-at-organizationName"
DirectoryString         B "2.5.4.11"   "id-at-organizationalUnitName"
DirectoryString         B "2.5.4.11.1" "id-at-collectiveOrganizationalUnitName"
DirectoryString         B "2.5.4.12"   "id-at-title"
DirectoryString         B "2.5.4.13"   "id-at-description"
Guide			        B "2.5.4.14"   "id-at-searchGuide"
DirectoryString         B "2.5.4.15"   "id-at-businessCategory"
PostalAddress           B "2.5.4.16"   "id-at-postalAddress"
DirectoryString         B "2.5.4.17"   "id-at-postalCode"
DirectoryString         B "2.5.4.17.1" "id-at-collectivePostalCode"
DirectoryString         B "2.5.4.18"   "id-at-postOfficeBox"
DirectoryString         B "2.5.4.18.1" "id-at-collectivePostOfficeBox"
DirectoryString         B "2.5.4.19"   "id-at-physicalDeliveryOfficeName"
DirectoryString         B "2.5.4.19.1" "id-at-collectivePhysicalDeliveryOfficeName"
TelephoneNumber         B "2.5.4.20"   "id-at-telephoneNumber"
TelephoneNumber         B "2.5.4.20.1" "id-at-collectiveTelephoneNumber"
TelexNumber             B "2.5.4.21"   "id-at-telexNumber"
TelexNumber             B "2.5.4.21.1" "id-at-collectiveTelexNumber"
# "id-at-teletexTerminalIdentifier" - what syntax?
FacsimileTelephoneNumber B "2.5.4.23" "id-at-facsimileTelephoneNumber"
FacsimileTelephoneNumber B "2.5.4.23.1" "id-at-collectiveFacsimileTelephoneNumber"
X121Address             B "2.5.4.24"   "id-at-x121Address"
InternationalISDNNumber B "2.5.4.25" "id-at-internationalISDNNumber"
InternationalISDNNumber B "2.5.4.25.1" "id-at-collectiveInternationalISDNNumber"
PostalAddress           B "2.5.4.26" "id-at-registeredAddress"
DestinationIndicator    B "2.5.4.27" "id-at-destinationIndicator"
PreferredDeliveryMethod B "2.5.4.28" "id-at-preferredDeliveryMethod"
PresentationAddress     B "2.5.4.29" "id-at-presentationAddress"
ObjectIdentifier        B "2.5.4.30" "id-at-supportedApplicationContext"
# "id-at-member" - see x509if.cnf
# "id-at-owner" - see x509if.cnf
# "id-at-roleOccupant" - see x509if.cnf
# "id-at-seeAlso" - see x509if.cnf
OctetString        B "2.5.4.35" "id-at-userPassword"
# "id-at-userCertificate" - see x509af.cnf
# "id-at-cACertificate" - see x509af.cnf
# "id-at-authorityRevocationList" - see x509af.cnf
# "id-at-certificateRevocationList" - see x509af.cnf
# "id-at-crossCertificatePair" - see x509af.cnf
DirectoryString         B "2.5.4.41"   "id-at-name"
DirectoryString         B "2.5.4.42"   "id-at-givenName"
DirectoryString         B "2.5.4.43"   "id-at-initials"
DirectoryString         B "2.5.4.44"   "id-at-generationQualifier"
UniqueIdentifier        B "2.5.4.45"  "id-at-uniqueIdedntifier"
SyntaxPrintableString    B "2.5.4.46"	"id-at-dnQualifier"
EnhancedGuide           B "2.5.4.47"	"id-at-enhancedSearchGuide"
ProtocolInformation     B "2.5.4.48" "id-at-protocolInformation"
# 49 "id-at-distinguishedName" - see x509if.cnf
NameAndOptionalUID      B "2.5.4.50" "id-at-uniqueMember"
DirectoryString         B "2.5.4.51"   "id-at-houseIdentifier"
ObjectIdentifier        B "2.5.4.52"	"id-at-supportedAlgorithms"
# 53 "id-at-deltaRevocationList" - what syntax?
DirectoryString         B "2.5.4.54"   "id-at-dmdName"
#Clearance				B "2.5.4.55"	"id-at-clearance"
# 56 "id-at-defaultDirQop" - what syntax?
# 56 "id-at-attributeIntegrityInfo" - what syntax?
# 58 "id-at-attributeCertificate" - see x509af.cnf
# 59 "id-at-attributeCertificateRevocationLIst" - see x509af.cnf
# 60 "id-at-confKeyInfo" - what syntax?
# 61 ? aACertificate(61)
# 62 ? attributeDescriptorCertificate(62)
# 63 ? attributeAuthorityRevocationList(63) 
# 64 "id-at-familyInformation" - what syntax?
DirectoryString        B "2.5.4.65"   "id-at-pseudonym"
ObjectIdentifier       B "2.5.4.66" "id-at-communuicationsService"
ObjectIdentifier       B "2.5.4.67" "id-at-communuicationsNetwork"

SyntaxNumericString	   B "2.5.13.8" "id-mr-numericStringMatch"
CaseIgnoreListMatch	   B "2.5.13.11" "id-mr-caseIgnoreListMatch"
BitString			   B "2.5.13.16" "id-mr-bitStringMatch"
SyntaxUTCTime		   B "2.5.13.26" "id-mr-uTCTimeOrderingMatch"

SyntaxGeneralizedTime  B "2.5.18.1" "id-oa-createTimeStamp"	
SyntaxGeneralizedTime  B "2.5.18.2" "id-oa-modifyTimeStamp"	
ObjectIdentifier       B "2.5.18.5" "id-oa-administrativeRole"
ObjectIdentifier       B "2.5.18.7" "id-oa-collectiveExclusions"
SyntaxGeneralizedTime  B "2.5.18.8" "id-oa-subschemaTimeStamp"	
Boolean		           B "2.5.18.9" "id-oa-hasSubordinates"
#id-oa-subschemaSubentryList OBJECT IDENTIFIER ::= {id-oa 10}
#id-oa-accessControlSubentryList OBJECT IDENTIFIER ::= {id-oa 11}
#id-oa-collectiveAttributeSubentryList OBJECT IDENTIFIER ::= {id-oa 12}
#id-oa-contextDefaultSubentryList OBJECT IDENTIFIER ::= {id-oa 13}
#id-oa-contextAssertionDefault OBJECT IDENTIFIER ::= {id-oa 14}
#id-oa-serviceAdminSubentryList OBJECT IDENTIFIER ::= {id-oa 15}
#id-oa-searchRules OBJECT IDENTIFIER ::= {id-oa 16}
#id-oa-hierarchyLevel OBJECT IDENTIFIER ::= {id-oa 17}
#id-oa-hierarchyBelow OBJECT IDENTIFIER ::= {id-oa 18}
#id-oa-hierarchyParent OBJECT IDENTIFIER ::= {id-oa 19}

ObjectIdentifier       B "2.5.24.1" "id-aca-accessControlScheme"

# X402 - see master list in acp133.cnf
ObjectIdentifier B "2.6.5.2.8" "id-at-mhs-supported-automatic-actions"
ObjectIdentifier B "2.6.5.2.10" "id-at-mhs-supported-attributes"
ObjectIdentifier B "2.6.5.2.11" "id-at-mhs-supported-matching-rules"

# ACP133 - see master list in acp133.cnf

DirectoryString B "2.16.840.1.101.2.2.1.45" "id-at-releaseAuthorityName"
SyntaxPrintableString B "2.16.840.1.101.2.2.1.51" "id-at-cognizantAuthority"
SyntaxPrintableString B "2.16.840.1.101.2.2.1.53" "id-at-accountingCode"
Boolean B "2.16.840.1.101.2.2.1.54" "id-at-dualRoute"
SyntaxGeneralizedTime B "2.16.840.1.101.2.2.1.55" "id-at-effectiveDate"
SyntaxGeneralizedTime B "2.16.840.1.101.2.2.1.57" "id-at-expirationDate"
SyntaxPrintableString B "2.16.840.1.101.2.2.1.58" "id-at-hostOrgACP127"
SyntaxGeneralizedTime B "2.16.840.1.101.2.2.1.60" "id-at-lastRecapDate"
SyntaxPrintableString B "2.16.840.1.101.2.2.1.62" "id-at-lmf"
SyntaxPrintableString B "2.16.840.1.101.2.2.1.63" "id-at-longTitle"
Boolean B "2.16.840.1.101.2.2.1.64" "id-at-minimize"
Boolean B "2.16.840.1.101.2.2.1.65" "id-at-minimizeOverride"
SyntaxPrintableString B "2.16.840.1.101.2.2.1.68" "id-at-nationality"
SyntaxPrintableString B "2.16.840.1.101.2.2.1.68.1" "id-at-collectiveNationality"
Boolean B "2.16.840.1.101.2.2.1.69" "id-at-transferStation"
SyntaxPrintableString B "2.16.840.1.101.2.2.1.70" "id-at-plaNameACP127"
Boolean B "2.16.840.1.101.2.2.1.72" "id-at-plaReplace"
SyntaxPrintableString B "2.16.840.1.101.2.2.1.73" "id-at-primarySpellingACP127"
Boolean B "2.16.840.1.101.2.2.1.74" "id-at-publish"
SyntaxGeneralizedTime B "2.16.840.1.101.2.2.1.75" "id-at-recapDueDate"
SyntaxPrintableString B "2.16.840.1.101.2.2.1.77" "id-at-rI"
Boolean B "2.16.840.1.101.2.2.1.81" "id-at-section"
SyntaxPrintableString B "2.16.840.1.101.2.2.1.82" "id-at-serviceOrAgency"
SyntaxPrintableString B "2.16.840.1.101.2.2.1.83" "id-at-sHD"
SyntaxPrintableString B "2.16.840.1.101.2.2.1.84" "id-at-shortTitle"
SyntaxPrintableString B "2.16.840.1.101.2.2.1.85" "id-at-sigad"
SyntaxPrintableString B "2.16.840.1.101.2.2.1.86" "id-at-spot"
Boolean B "2.16.840.1.101.2.2.1.87" "id-at-tARE"
TelephoneNumber B "2.16.840.1.101.2.2.1.94" "id-at-aCPMobileTelephoneNumber"
TelephoneNumber B "2.16.840.1.101.2.2.1.95" "id-at-aCPPagerTelephoneNumber"
SyntaxPrintableString B "2.16.840.1.101.2.2.1.96" "id-at-tCC"
SyntaxPrintableString B "2.16.840.1.101.2.2.1.97" "id-at-tRC"
SyntaxPrintableString B "2.16.840.1.101.2.2.1.106" "id-at-accessCodes"
SyntaxGraphicString B "2.16.840.1.101.2.2.1.107" "id-at-accessSchema"
TelephoneNumber B "2.16.840.1.101.2.2.1.109" "id-at-aCPTelephoneFaxNumber"
ObjectIdentifier B "2.16.840.1.101.2.2.1.115" "id-at-gatewayType"
ObjectIdentifier B "2.16.840.1.101.2.2.1.116" "id-at-ghpType"
DirectoryString B "2.16.840.1.101.2.2.1.118" "id-at-mailDomains"
TelephoneNumber B "2.16.840.1.101.2.2.1.119" "id-at-militaryFacsimileNumber"
TelephoneNumber B "2.16.840.1.101.2.2.1.119.1" "id-at-collectiveMilitaryFacsimileNumber"
TelephoneNumber B "2.16.840.1.101.2.2.1.120" "id-at-militaryTelephoneNumber"
TelephoneNumber B "2.16.840.1.101.2.2.1.120.1" "id-at-collectiveMilitaryTelephoneNumber"
SyntaxGraphicString B "2.16.840.1.101.2.2.1.122" "id-at-networkSchema"
DirectoryString B "2.16.840.1.101.2.2.1.124" "id-at-operationName"
DirectoryString B "2.16.840.1.101.2.2.1.125" "id-at-positionNumber"
DirectoryString B "2.16.840.1.101.2.2.1.126" "id-at-proprietaryMailboxes"
TelephoneNumber B "2.16.840.1.101.2.2.1.127" "id-at-secureFacsimileNumber"
TelephoneNumber B "2.16.840.1.101.2.2.1.127.1" "id-at-collectiveSecureFacsimileNumber"
TelephoneNumber B "2.16.840.1.101.2.2.1.128" "id-at-secureTelephoneNumber"
TelephoneNumber B "2.16.840.1.101.2.2.1.128.1" "id-at-collectiveSecureTelephoneNumber"
DirectoryString B "2.16.840.1.101.2.2.1.129" "id-at-serviceNumber"
DirectoryString B "2.16.840.1.101.2.2.1.133" "id-at-rank"
DirectoryString B "2.16.840.1.101.2.2.1.143" "id-at-adminConversion"
SyntaxPrintableString B "2.16.840.1.101.2.2.1.144" "id-at-tCCG"
DirectoryString B "2.16.840.1.101.2.2.1.145" "id-at-usdConversion"

# PKCS#9

SyntaxIA5String	B "1.2.840.113549.1.9.1"	"pkcs-9-at-emailAddress"
#PKCS9String	B "1.2.840.113549.1.9.2"	"pkcs-9-at-unstructuredName" - TBD
#ContentType	B "1.2.840.113549.1.9.3"	"pkcs-9-at-contentType" - see cms.cnf
#MessageDigest 	B "1.2.840.113549.1.9.4"	"pkcs-9-at-messageDigest" - see cms.cnf
#SigningTime	B "1.2.840.113549.1.9.5"	"pkcs-9-at-signingTime" - see cms.cnf
#Countersignature	B "1.2.840.113549.1.9.6"	"pkcs-9-at-counterSignature" - see cms.cnf
DirectoryString	B "1.2.840.113549.1.9.7"	"pkcs-9-at-challengePassword"
DirectoryString	B "1.2.840.113549.1.9.8"	"pkcs-9-at-unstructuredAddress"
#SETOFAttribute	B "1.2.840.113549.1.9.9"	"pkcs-9-at-extendedCertificateAttributes" - TBD
DirectoryString	B "1.2.840.113549.1.9.13"	"pkcs-9-at-signingDescription"
#ExtensionRequest	B "1.2.840.113549.1.9.14"	"pkcs-9-at-extensionRequest" - TBD
#SMIMECapabiliaties	B "1.2.840.113549.1.9.15"	"pkcs-9-at-smimeCapabilities" - TBD
SyntaxBMPString	B "1.2.840.113549.1.9.20"	"pkcs-9-at-friendlyName"
OctetString	B "1.2.840.113549.1.9.21"	"pkcs-9-at-localKeyId"
#PFX		B "2.16.840.1.113730.3.1.216"   "pkcs-9-at-PKCS12" - see pkcs12.cnf
#PKCS15Token	B "1.2.840.113549.1.9.25.1"	"pkcs-9-at-pkcs15Token" - TBD
#EncryptedPrivateKeyInfo	B "1.2.840.113549.1.9.25.2"	"pkcs-9-at-encryptedPrivateKeyInfo" - see pkcs12.cnf
OctetString	B "1.2.840.113549.1.9.25.3"	"pkcs-9-at-randomNonce" # move to PKCS#9 when defined
Integer		B "1.2.840.113549.1.9.25.4"	"pkcs-9-at-sequenceNumber" # move to PKCS#9 when defined
#ContentInfo	B "1.2.840.113549.1.9.25.5"	"pkcs-9-at-pkcs7PDU" - TBD - not the same as CMS ContentInfo

SyntaxGeneralizedTime B "1.3.6.1.5.5.7.9.1"		"pkcs-9-at-dateOfBirth"
DirectoryString	B "1.3.6.1.5.5.7.9.2"		"pkcs-9-at-placeOfBirth"
SyntaxPrintableString	B "1.3.6.1.5.5.7.9.3"		"pkcs-9-at-gender"
SyntaxPrintableString B "1.3.6.1.5.5.7.9.4"		"pkcs-9-at-countryOfCitizenship"
SyntaxPrintableString	B "1.3.6.1.5.5.7.9.5"		"pkcs-9-at-countryOfResidence"

# RFC 2247
SyntaxIA5String B "0.9.2342.19200300.100.1.25" "dc"

# Microsoft-specific
# GeneralName other-name
SyntaxBMPString	B "1.3.6.1.4.1.311.20.2"	"id-ms-certificate-template-name"
SyntaxUTF8String B "1.3.6.1.4.1.311.20.2.3" 	"id-ms-user-principal-name"
SyntaxBMPString B "1.3.6.1.4.1.311.17.1" 	"id-ms-local-machine-keyset"
Integer	B	"1.3.6.1.4.1.311.21.1"		"id-ms-ca-version"

# unknown X.420 PerRecipientExtensionField
Integer B "1.2.826.0.1063.7.0.0.0" "unknown-UK-organisation-defined-extension"

# NEXOR Originating UA
SyntaxIA5String			B "1.2.826.0.1004.10.1.1" "nexor-originating-ua"

# X.420 Message Store Attributes - see x420.cnf
Boolean		B	"2.6.1.6.3"	"id-sat-ipm-auto-discarded"

# RFC 4530
GUID	B 	"1.3.6.1.1.16.4"	"entryUUID"

# Guidelines for Extended Validation Certificates (http://www.cabforum.org/EV_Certificate_Guidelines_draft11.pdf)
DirectoryString	B "1.3.6.1.4.1.311.60.2.1.1" "jurisdictionOfIncorporationLocalityName"
DirectoryString	B "1.3.6.1.4.1.311.60.2.1.2" "jurisdictionOfIncorporationStateOrProvinceName"
CountryName	B "1.3.6.1.4.1.311.60.2.1.3" "jurisdictionOfIncorporationCountryName"

#.NO_EMIT

#.TYPE_RENAME

#.FIELD_RENAME
OctetSubstringAssertion/_item/any	any_substring
OctetSubstringAssertion/_item/final	finall_substring
OctetSubstringAssertion/_item/initial	initial_substring
XDayOf/first				first_dayof
XDayOf/second				second_dayof
XDayOf/third				third_dayof
XDayOf/fourth				fourth_dayof
XDayOf/fifth				fifth_dayof

#.FN_PARS SyntaxBMPString VAL_PTR = &wide_tvb

#.FN_HDR SyntaxBMPString
	tvbuff_t	*wide_tvb = NULL;
	char		*string;
#.END
	
#.FN_FTR SyntaxBMPString
	if (! wide_tvb) {
		return offset;
	}
	string = tvb_get_ephemeral_faked_unicode (wide_tvb, 0, tvb_length(wide_tvb) / 2, FALSE);
	proto_item_append_text(actx->created_item, " %s", string);	

#.END

#.FN_BODY GUID
  gint8 class;
  gboolean pc;
  gint32 tag;
  guint32 len;
  e_guid_t uuid;

  if(!implicit_tag){
    offset=dissect_ber_identifier(actx->pinfo, tree, tvb, offset, &class, &pc, &tag);
    offset=dissect_ber_length(actx->pinfo, tree, tvb, offset, &len, NULL);
  } else {
    gint32 remaining=tvb_length_remaining(tvb, offset);
    len=remaining>0 ? remaining : 0;
  }

  tvb_get_ntohguid (tvb, offset, &uuid);
  actx->created_item = proto_tree_add_guid(tree, hf_index, tvb, offset, len, &uuid);
#.END

#.END