# pkcs12.cnf # PKCS12 conformation file #.MODULE_IMPORT PKCS-7 cms PKCS-5 x509af #.IMPORT ../cms/cms-exp.cnf #.IMPORT ../x509if/x509if-exp.cnf #.IMPORT ../x509af/x509af-exp.cnf #.EXPORTS #.REGISTER KeyBag B "1.2.840.113549.1.12.10.1.1" "keyBag" PKCS8ShroudedKeyBag B "1.2.840.113549.1.12.10.1.2" "pkcs8ShroudedKeyBag" CertBag B "1.2.840.113549.1.12.10.1.3" "certBag" SecretBag B "1.2.840.113549.1.12.10.1.4" "secretBag" CRLBag B "1.2.840.113549.1.12.10.1.5" "crlBag" SafeContents B "1.2.840.113549.1.12.10.1.6" "safeContentsBag" # PKCS#9 Attributes - see master list in x509sat.cnf PFX B "2.16.840.1.113730.3.1.216" "pkcs-9-at-PKCS12" EncryptedPrivateKeyInfo B "1.2.840.113549.1.9.25.2" "pkcs-9-at-encryptedPrivateKeyInfo" # Password Based Encryption PBEParameter B "1.2.840.113549.1.12.1.1" "pbeWithSHAAnd128BitRC4" PBEParameter B "1.2.840.113549.1.12.1.2" "pbeWithSHAAnd40BitRC4" PBEParameter B "1.2.840.113549.1.12.1.3" "pbeWithSHAAnd3-KeyTripleDES-CBC" PBEParameter B "1.2.840.113549.1.12.1.4" "pbeWithSHAAnd2-KeyTripleDES-CBC" PBEParameter B "1.2.840.113549.1.12.1.5" "pbeWithSHAAnd128BitRC2-CBC" PBEParameter B "1.2.840.113549.1.12.1.6" "pbeWithSHAAnd40BitRC2-CBC" PBEParameter B "1.2.840.113549.1.5.1" "pbeWithMD2AndDES-CBC" PBEParameter B "1.2.840.113549.1.5.3" "pbeWithMD5AndDES-CBC" PBEParameter B "1.2.840.113549.1.5.4" "pbeWithMD2AndRC2-CBC" PBEParameter B "1.2.840.113549.1.5.6" "pbeWithMD5AndRC2-CBC" PBEParameter B "1.2.840.113549.1.5.10" "pbeWithSHA1AndDES-CBC" PBEParameter B "1.2.840.113549.1.5.11" "pbeWithSHA1AndRC2-CBC" PBKDF2Params B "1.2.840.113549.1.5.12" "id-PBKDF2" PBES2Params B "1.2.840.113549.1.5.13" "id-PBES2" PBMAC1Params B "1.2.840.113549.1.5.14" "id-PBMAC1" #.NO_EMIT #.TYPE_RENAME #.FIELD_RENAME PrivateKeyInfo/version privateKeyVersion PBKDF2Params/salt saltChoice #.PDU #AuthenticatedSafe PrivateKeyInfo #.FN_BODY PFX dissector_handle_t dissector_handle; /* we change the CMS id-data dissector to dissect as AuthenticatedSafe not sure why PKCS#12 couldn't have used its own content type OID for AuthenticatedSafe */ dissector_handle=create_dissector_handle(dissect_AuthenticatedSafe_OCTETSTRING_PDU, proto_pkcs12); dissector_change_string("ber.oid", "1.2.840.113549.1.7.1", dissector_handle); %(DEFAULT_BODY)s /* restore the original dissector */ dissector_reset_string("ber.oid", "1.2.840.113549.1.7.1"); #.FN_BODY AuthenticatedSafe dissector_handle_t dissector_handle; /* we change the CMS id-data dissector to dissect as SafeContents */ dissector_handle=create_dissector_handle(dissect_SafeContents_OCTETSTRING_PDU, proto_pkcs12); dissector_change_string("ber.oid", "1.2.840.113549.1.7.1", dissector_handle); %(DEFAULT_BODY)s /* restore the original dissector */ dissector_reset_string("ber.oid", "1.2.840.113549.1.7.1"); #.FN_PARS SafeBag/bagId FN_VARIANT = _str VAL_PTR = &object_identifier_id #.FN_FTR SafeBag/bagId append_oid(actx->pinfo->pool, tree, object_identifier_id); #.END #.FN_PARS CertBag/certId FN_VARIANT = _str VAL_PTR = &object_identifier_id #.FN_FTR CertBag/certId append_oid(actx->pinfo->pool, tree, object_identifier_id); #.END #.FN_PARS CRLBag/crlId FN_VARIANT = _str VAL_PTR = &object_identifier_id #.FN_FTR CRLBag/crlId append_oid(actx->pinfo->pool, tree, object_identifier_id); #.END #.FN_PARS SecretBag/secretTypeId FN_VARIANT = _str VAL_PTR = &object_identifier_id #.FN_FTR SecretBag/secretTypeId append_oid(actx->pinfo->pool, tree, object_identifier_id); #.END #.FN_PARS PKCS12Attribute/attrId FN_VARIANT = _str VAL_PTR = &object_identifier_id #.FN_FTR PKCS12Attribute/attrId append_oid(actx->pinfo->pool, tree, object_identifier_id); #.END #.FN_BODY SafeBag/bagValue if(object_identifier_id) offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL); #.FN_BODY PKCS12Attribute/attrValues/_item if(object_identifier_id) offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL); #.FN_BODY CertBag/certValue if(object_identifier_id) offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL); #.FN_BODY CRLBag/crlValue if(object_identifier_id) offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL); #.FN_BODY SecretBag/secretValue if(object_identifier_id) offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL); #.FN_HDR PBEParameter /* initialise the encryption parameters */ PBE_reset_parameters(); #.END #.FN_PARS OCTET_STRING VAL_PTR = (hf_index == hf_pkcs12_salt ? &salt : NULL) #.FN_PARS INTEGER VAL_PTR = (hf_index == hf_pkcs12_iterationCount ? &iteration_count : NULL) #.FN_PARS EncryptedData VAL_PTR = &encrypted_tvb #.FN_HDR EncryptedData tvbuff_t *encrypted_tvb; dissector_handle_t dissector_handle; #.END #.FN_FTR EncryptedData dissector_handle=create_dissector_handle(dissect_PrivateKeyInfo_PDU, proto_pkcs12); dissector_change_string("ber.oid", object_identifier_id, dissector_handle); PBE_decrypt_data(object_identifier_id, encrypted_tvb, actx->pinfo, actx, actx->created_item); /* restore the original dissector */ dissector_reset_string("ber.oid", object_identifier_id); #.END