Work in progress

New protocol X.509 Certificate Extensions This new code provides required functionality to the x509af dfissector it is not linked with ethereal yet and needs extra massage bewfore invoked. svn path=/trunk/; revision=11429
author: Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> 2004-07-19 08:54:44 +0000
committer: Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> 2004-07-19 08:54:44 +0000
commit: e06409d0838068bbcd1dff0a9e6f218630ab4075 (patch)
tree: 680883c3697f2d643c6c6e8bee026d97cf7f38a5
parent: 01c59fe6a0538b128820c62778b7019a97ded19a (diff)
4 files changed, 739 insertions, 0 deletions
diff --git a/asn1/x509ce/CertificateExtensions.asn b/asn1/x509ce/CertificateExtensions.asn
new file mode 100644
index 0000000000..ec46822d39
--- /dev/null
+++ b/asn1/x509ce/CertificateExtensions.asn
@@ -0,0 +1,609 @@
+-- Module CertificateExtensions (X.509:03/2000)
+CertificateExtensions {joint-iso-itu-t ds(5) module(1)
+  certificateExtensions(26) 4} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- EXPORTS ALL 
+IMPORTS
+  id-at, id-ce, id-mr, informationFramework, authenticationFramework,
+    selectedAttributeTypes, upperBounds
+    FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+      usefulDefinitions(0) 4}
+  Name, RelativeDistinguishedName, ATTRIBUTE, Attribute, MATCHING-RULE
+    FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
+      informationFramework(1) 4}
+  CertificateSerialNumber, CertificateList, AlgorithmIdentifier, EXTENSION,
+    Time, PolicyID
+    FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1)
+      authenticationFramework(7) 4}
+  DirectoryString{}
+    FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1)
+      selectedAttributeTypes(5) 4}
+  ub-name
+    FROM UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 4}
+  ORAddress
+    FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+      mts-abstract-service(1) version-1999(1)};
+
+-- Unless explicitly noted otherwise, there is no significance to the ordering
+-- of components of a SEQUENCE OF construct in this Specification.
+-- public-key certificate and CRL extensions 
+-- authorityKeyIdentifier EXTENSION ::= {
+--   SYNTAX         AuthorityKeyIdentifier
+--   IDENTIFIED BY  id-ce-authorityKeyIdentifier
+-- }
+-- 
+-- AuthorityKeyIdentifier ::= SEQUENCE {
+--   keyIdentifier              [0]  KeyIdentifier OPTIONAL,
+--   authorityCertIssuer        [1]  GeneralNames OPTIONAL,
+--   authorityCertSerialNumber  [2]  CertificateSerialNumber OPTIONAL
+-- }
+-- (WITH COMPONENTS {
+--    ...,
+--    authorityCertIssuer        PRESENT,
+--    authorityCertSerialNumber  PRESENT
+--  } |
+--  WITH COMPONENTS {
+--    ...,
+--    authorityCertIssuer        ABSENT,
+--    authorityCertSerialNumber  ABSENT
+--  })
+-- 
+-- KeyIdentifier ::= OCTET STRING
+-- 
+-- subjectKeyIdentifier EXTENSION ::= {
+--   SYNTAX         SubjectKeyIdentifier
+--   IDENTIFIED BY  id-ce-subjectKeyIdentifier
+-- }
+-- 
+-- SubjectKeyIdentifier ::= KeyIdentifier
+-- 
+-- keyUsage EXTENSION ::= {SYNTAX         KeyUsage
+--                         IDENTIFIED BY  id-ce-keyUsage
+-- }
+-- 
+-- KeyUsage ::= BIT STRING {
+--   digitalSignature(0), nonRepudiation(1), keyEncipherment(2),
+--   dataEncipherment(3), keyAgreement(4), keyCertSign(5), cRLSign(6),
+--   encipherOnly(7), decipherOnly(8)}
+-- 
+-- extKeyUsage EXTENSION ::= {
+--   SYNTAX         SEQUENCE SIZE (1..MAX) OF KeyPurposeId
+--   IDENTIFIED BY  id-ce-extKeyUsage
+-- }
+-- 
+-- KeyPurposeId ::= OBJECT IDENTIFIER
+-- 
+-- privateKeyUsagePeriod EXTENSION ::= {
+--   SYNTAX         PrivateKeyUsagePeriod
+--   IDENTIFIED BY  id-ce-privateKeyUsagePeriod
+-- }
+-- 
+-- PrivateKeyUsagePeriod ::= SEQUENCE {
+--   notBefore  [0]  GeneralizedTime OPTIONAL,
+--   notAfter   [1]  GeneralizedTime OPTIONAL
+-- }
+-- (WITH COMPONENTS {
+--    ...,
+--    notBefore  PRESENT
+--  } | WITH COMPONENTS {
+--        ...,
+--        notAfter  PRESENT
+--      })
+-- 
+-- certificatePolicies EXTENSION ::= {
+--   SYNTAX         CertificatePoliciesSyntax
+--   IDENTIFIED BY  id-ce-certificatePolicies
+-- }
+-- 
+-- CertificatePoliciesSyntax ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
+-- 
+-- PolicyInformation ::= SEQUENCE {
+--   policyIdentifier  CertPolicyId,
+--   policyQualifiers  SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL
+-- }
+-- 
+-- CertPolicyId ::= OBJECT IDENTIFIER
+-- 
+-- PolicyQualifierInfo ::= SEQUENCE {
+--   policyQualifierId  CERT-POLICY-QUALIFIER.&id({SupportedPolicyQualifiers}),
+--   qualifier
+--     CERT-POLICY-QUALIFIER.&Qualifier
+--       ({SupportedPolicyQualifiers}{@policyQualifierId}) OPTIONAL
+-- }
+-- 
+-- SupportedPolicyQualifiers CERT-POLICY-QUALIFIER ::=
+--   {...}
+-- 
+-- anyPolicy OBJECT IDENTIFIER ::= {2 5 29 32 0}
+-- 
+-- CERT-POLICY-QUALIFIER ::= CLASS {
+--   &id         OBJECT IDENTIFIER UNIQUE,
+--   &Qualifier  OPTIONAL
+-- }WITH SYNTAX {POLICY-QUALIFIER-ID &id
+--               [QUALIFIER-TYPE &Qualifier]
+-- }
+-- 
+-- policyMappings EXTENSION ::= {
+--   SYNTAX         PolicyMappingsSyntax
+--   IDENTIFIED BY  id-ce-policyMappings
+-- }
+-- 
+-- PolicyMappingsSyntax ::=
+--   SEQUENCE SIZE (1..MAX) OF
+--     SEQUENCE {issuerDomainPolicy   CertPolicyId,
+--               subjectDomainPolicy  CertPolicyId}
+-- 
+-- subjectAltName EXTENSION ::= {
+--   SYNTAX         GeneralNames
+--   IDENTIFIED BY  id-ce-subjectAltName
+-- }
+
+GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
+
+GeneralName ::= CHOICE {
+--   otherName                  [0]  INSTANCE OF OTHER-NAME,
+  rfc822Name                 [1]  IA5String,
+  dNSName                    [2]  IA5String,
+--  x400Address                [3]  ORAddress,
+--  directoryName              [4]  Name,
+--  ediPartyName               [5]  EDIPartyName,
+  uniformResourceIdentifier  [6]  IA5String,
+  iPAddress                  [7]  OCTET STRING,
+  registeredID               [8]  OBJECT IDENTIFIER
+}
+
+-- OTHER-NAME ::= TYPE-IDENTIFIER
+-- 
+-- EDIPartyName ::= SEQUENCE {
+--   nameAssigner  [0]  DirectoryString{ub-name} OPTIONAL,
+--   partyName     [1]  DirectoryString{ub-name}
+-- }
+-- 
+-- issuerAltName EXTENSION ::= {
+--   SYNTAX         GeneralNames
+--   IDENTIFIED BY  id-ce-issuerAltName
+-- }
+-- 
+-- subjectDirectoryAttributes EXTENSION ::= {
+--   SYNTAX         AttributesSyntax
+--   IDENTIFIED BY  id-ce-subjectDirectoryAttributes
+-- }
+-- 
+-- AttributesSyntax ::= SEQUENCE SIZE (1..MAX) OF Attribute
+-- 
+-- basicConstraints EXTENSION ::= {
+--   SYNTAX         BasicConstraintsSyntax
+--   IDENTIFIED BY  id-ce-basicConstraints
+-- }
+-- 
+-- BasicConstraintsSyntax ::= SEQUENCE {
+--   cA                 BOOLEAN DEFAULT FALSE,
+--   pathLenConstraint  INTEGER(0..MAX) OPTIONAL
+-- }
+-- 
+-- nameConstraints EXTENSION ::= {
+--   SYNTAX         NameConstraintsSyntax
+--   IDENTIFIED BY  id-ce-nameConstraints
+-- }
+-- 
+-- NameConstraintsSyntax ::= SEQUENCE {
+--   permittedSubtrees  [0]  GeneralSubtrees OPTIONAL,
+--   excludedSubtrees   [1]  GeneralSubtrees OPTIONAL
+-- }
+-- 
+-- GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
+-- 
+-- GeneralSubtree ::= SEQUENCE {
+--   base     GeneralName,
+--   minimum  [0]  BaseDistance DEFAULT 0,
+--   maximum  [1]  BaseDistance OPTIONAL
+-- }
+-- 
+-- BaseDistance ::= INTEGER(0..MAX)
+-- 
+-- policyConstraints EXTENSION ::= {
+--   SYNTAX         PolicyConstraintsSyntax
+--   IDENTIFIED BY  id-ce-policyConstraints
+-- }
+-- 
+-- PolicyConstraintsSyntax ::= SEQUENCE {
+--   requireExplicitPolicy  [0]  SkipCerts OPTIONAL,
+--   inhibitPolicyMapping   [1]  SkipCerts OPTIONAL
+-- }
+-- 
+-- SkipCerts ::= INTEGER(0..MAX)
+-- 
+-- cRLNumber EXTENSION ::= {
+--   SYNTAX         CRLNumber
+--   IDENTIFIED BY  id-ce-cRLNumber
+-- }
+-- 
+-- CRLNumber ::= INTEGER(0..MAX)
+-- 
+-- reasonCode EXTENSION ::= {
+--   SYNTAX         CRLReason
+--   IDENTIFIED BY  id-ce-reasonCode
+-- }
+-- 
+-- CRLReason ::= ENUMERATED {
+--   unspecified(0), keyCompromise(1), cACompromise(2), affiliationChanged(3),
+--   superseded(4), cessationOfOperation(5), certificateHold(6), removeFromCRL(8),
+--   privilegeWithdrawn(9), aaCompromise(10)}
+-- 
+-- holdInstructionCode EXTENSION ::= {
+--   SYNTAX         HoldInstruction
+--   IDENTIFIED BY  id-ce-instructionCode
+-- }
+-- 
+-- HoldInstruction ::= OBJECT IDENTIFIER
+-- 
+-- invalidityDate EXTENSION ::= {
+--   SYNTAX         GeneralizedTime
+--   IDENTIFIED BY  id-ce-invalidityDate
+-- }
+-- 
+-- crlScope EXTENSION ::= {
+--   SYNTAX         CRLScopeSyntax
+--   IDENTIFIED BY  id-ce-cRLScope
+-- }
+-- 
+-- CRLScopeSyntax ::= SEQUENCE SIZE (1..MAX) OF PerAuthorityScope
+-- 
+-- PerAuthorityScope ::= SEQUENCE {
+--   authorityName       [0]  GeneralName OPTIONAL,
+--   distributionPoint   [1]  DistributionPointName OPTIONAL,
+--   onlyContains        [2]  OnlyCertificateTypes OPTIONAL,
+--   onlySomeReasons     [4]  ReasonFlags OPTIONAL,
+--   serialNumberRange   [5]  NumberRange OPTIONAL,
+--   subjectKeyIdRange   [6]  NumberRange OPTIONAL,
+--   nameSubtrees        [7]  GeneralNames OPTIONAL,
+--   baseRevocationInfo  [9]  BaseRevocationInfo OPTIONAL
+-- }
+-- 
+-- OnlyCertificateTypes ::= BIT STRING {
+--   userPublicKey(0), cA(1), userAttribute(2), aA(3), sOAPublicKey(4)}
+-- 
+-- NumberRange ::= SEQUENCE {
+--   startingNumber  [0]  INTEGER OPTIONAL,
+--   endingNumber    [1]  INTEGER OPTIONAL,
+--   modulus         INTEGER OPTIONAL
+-- }
+-- 
+-- BaseRevocationInfo ::= SEQUENCE {
+--   cRLStreamIdentifier  [0]  CRLStreamIdentifier OPTIONAL,
+--   cRLNumber            [1]  CRLNumber,
+--   baseThisUpdate       [2]  GeneralizedTime
+-- }
+-- 
+-- statusReferrals EXTENSION ::= {
+--   SYNTAX         StatusReferrals
+--   IDENTIFIED BY  id-ce-statusReferrals
+-- }
+-- 
+-- StatusReferrals ::= SEQUENCE SIZE (1..MAX) OF StatusReferral
+-- 
+-- StatusReferral ::= CHOICE {
+--   cRLReferral    [0]  CRLReferral,
+--   otherReferral  [1]  INSTANCE OF OTHER-REFERRAL
+-- }
+-- 
+-- CRLReferral ::= SEQUENCE {
+--   issuer          [0]  GeneralName OPTIONAL,
+--   location        [1]  GeneralName OPTIONAL,
+--   deltaRefInfo    [2]  DeltaRefInfo OPTIONAL,
+--   cRLScope        CRLScopeSyntax,
+--   lastUpdate      [3]  GeneralizedTime OPTIONAL,
+--   lastChangedCRL  [4]  GeneralizedTime OPTIONAL
+-- }
+-- 
+-- DeltaRefInfo ::= SEQUENCE {
+--   deltaLocation  GeneralName,
+--   lastDelta      GeneralizedTime OPTIONAL
+-- }
+-- 
+-- OTHER-REFERRAL ::= TYPE-IDENTIFIER
+-- 
+-- cRLStreamIdentifier EXTENSION ::= {
+--   SYNTAX         CRLStreamIdentifier
+--   IDENTIFIED BY  id-ce-cRLStreamIdentifier
+-- }
+-- 
+-- CRLStreamIdentifier ::= INTEGER(0..MAX)
+-- 
+-- orderedList EXTENSION ::= {
+--   SYNTAX         OrderedListSyntax
+--   IDENTIFIED BY  id-ce-orderedList
+-- }
+-- 
+-- OrderedListSyntax ::= ENUMERATED {ascSerialNum(0), ascRevDate(1)}
+-- 
+-- deltaInfo EXTENSION ::= {
+--   SYNTAX         DeltaInformation
+--   IDENTIFIED BY  id-ce-deltaInfo
+-- }
+-- 
+-- DeltaInformation ::= SEQUENCE {
+--   deltaLocation  GeneralName,
+--   nextDelta      GeneralizedTime OPTIONAL
+-- }
+-- 
+-- cRLDistributionPoints EXTENSION ::= {
+--   SYNTAX         CRLDistPointsSyntax
+--   IDENTIFIED BY  id-ce-cRLDistributionPoints
+-- }
+-- 
+-- CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
+-- 
+-- DistributionPoint ::= SEQUENCE {
+--   distributionPoint  [0]  DistributionPointName OPTIONAL,
+--   reasons            [1]  ReasonFlags OPTIONAL,
+--   cRLIssuer          [2]  GeneralNames OPTIONAL
+-- }
+-- 
+-- DistributionPointName ::= CHOICE {
+--   fullName                 [0]  GeneralNames,
+--   nameRelativeToCRLIssuer  [1]  RelativeDistinguishedName
+-- }
+-- 
+-- ReasonFlags ::= BIT STRING {
+--   unused(0), keyCompromise(1), cACompromise(2), affiliationChanged(3),
+--   superseded(4), cessationOfOperation(5), certificateHold(6),
+--   privilegeWithdrawn(7), aACompromise(8)}
+-- 
+-- issuingDistributionPoint EXTENSION ::= {
+--   SYNTAX         IssuingDistPointSyntax
+--   IDENTIFIED BY  id-ce-issuingDistributionPoint
+-- }
+-- 
+-- IssuingDistPointSyntax ::= SEQUENCE {
+--    If containsUserPublicKeyCerts, containsCACerts, containsUserAttributeCerts, 
+--   containsAACerts,  and containsSOAPublicKeyCerts s are all absent, or not set to TRUE, (), 
+--   the CRL covers allthese  certificate types 
+--   distributionPoint           [0]  DistributionPointName OPTIONAL,
+--   containsUserPublicKeyCerts  [1]  BOOLEAN DEFAULT FALSE,
+--   containsCACerts             [2]  BOOLEAN DEFAULT FALSE,
+--   onlySomeReasons             [3]  ReasonFlags OPTIONAL,
+--   indirectCRL                 [4]  BOOLEAN DEFAULT FALSE,
+--   containsUserAttributeCerts  [5]  BOOLEAN DEFAULT FALSE,
+--   containsAACerts             [6]  BOOLEAN DEFAULT FALSE,
+--   containsSOAPublicKeyCerts   [7]  BOOLEAN DEFAULT FALSE
+-- }
+-- 
+-- certificateIssuer EXTENSION ::= {
+--   SYNTAX         GeneralNames
+--   IDENTIFIED BY  id-ce-certificateIssuer
+-- }
+-- 
+-- deltaCRLIndicator EXTENSION ::= {
+--   SYNTAX         BaseCRLNumber
+--   IDENTIFIED BY  id-ce-deltaCRLIndicator
+-- }
+-- 
+-- BaseCRLNumber ::= CRLNumber
+-- 
+-- baseUpdateTime EXTENSION ::= {
+--   SYNTAX         GeneralizedTime
+--   IDENTIFIED BY  id-ce-baseUpdateTime
+-- }
+-- 
+-- freshestCRL EXTENSION ::= {
+--   SYNTAX         CRLDistPointsSyntax
+--   IDENTIFIED BY  id-ce-freshestCRL
+-- }
+-- 
+-- inhibitAnyPolicy EXTENSION ::= {
+--   SYNTAX         SkipCerts
+--   IDENTIFIED BY  id-ce-inhibitAnyPolicy
+-- }
+-- 
+-- PKI matching rules 
+-- certificateExactMatch MATCHING-RULE ::= {
+--   SYNTAX  CertificateExactAssertion
+--   ID      id-mr-certificateExactMatch
+-- }
+-- 
+-- CertificateExactAssertion ::= SEQUENCE {
+--   serialNumber  CertificateSerialNumber,
+--   issuer        Name
+-- }
+-- 
+-- certificateMatch MATCHING-RULE ::= {
+--   SYNTAX  CertificateAssertion
+--   ID      id-mr-certificateMatch
+-- }
+-- 
+-- CertificateAssertion ::= SEQUENCE {
+--   serialNumber            [0]  CertificateSerialNumber OPTIONAL,
+--   issuer                  [1]  Name OPTIONAL,
+--   subjectKeyIdentifier    [2]  SubjectKeyIdentifier OPTIONAL,
+--   authorityKeyIdentifier  [3]  AuthorityKeyIdentifier OPTIONAL,
+--   certificateValid        [4]  Time OPTIONAL,
+--   privateKeyValid         [5]  GeneralizedTime OPTIONAL,
+--   subjectPublicKeyAlgID   [6]  OBJECT IDENTIFIER OPTIONAL,
+--   keyUsage                [7]  KeyUsage OPTIONAL,
+--   subjectAltName          [8]  AltNameType OPTIONAL,
+--   policy                  [9]  CertPolicySet OPTIONAL,
+--   pathToName              [10]  Name OPTIONAL,
+--   subject                 [11]  Name OPTIONAL,
+--   nameConstraints         [12]  NameConstraintsSyntax OPTIONAL
+-- }
+-- 
+-- AltNameType ::= CHOICE {
+--   builtinNameForm
+--     ENUMERATED {rfc822Name(1), dNSName(2), x400Address(3), directoryName(4),
+--                 ediPartyName(5), uniformResourceIdentifier(6), iPAddress(7),
+--                 registeredId(8)},
+--   otherNameForm    OBJECT IDENTIFIER
+-- }
+-- 
+-- CertPolicySet ::= SEQUENCE SIZE (1..MAX) OF CertPolicyId
+-- 
+-- certificatePairExactMatch MATCHING-RULE ::= {
+--   SYNTAX  CertificatePairExactAssertion
+--   ID      id-mr-certificatePairExactMatch
+-- }
+-- 
+-- CertificatePairExactAssertion ::= SEQUENCE {
+--   issuedToThisCAAssertion  [0]  CertificateExactAssertion OPTIONAL,
+--   issuedByThisCAAssertion  [1]  CertificateExactAssertion OPTIONAL
+-- }
+-- (WITH COMPONENTS {
+--    ...,
+--    issuedToThisCAAssertion  PRESENT
+--  } | WITH COMPONENTS {
+--        ...,
+--        issuedByThisCAAssertion  PRESENT
+--      })
+-- 
+-- certificatePairMatch MATCHING-RULE ::= {
+--   SYNTAX  CertificatePairAssertion
+--   ID      id-mr-certificatePairMatch
+-- }
+-- 
+-- CertificatePairAssertion ::= SEQUENCE {
+--   issuedToThisCAAssertion  [0]  CertificateAssertion OPTIONAL,
+--   issuedByThisCAAssertion  [1]  CertificateAssertion OPTIONAL
+-- }
+-- (WITH COMPONENTS {
+--    ...,
+--    issuedToThisCAAssertion  PRESENT
+--  } | WITH COMPONENTS {
+--        ...,
+--        issuedByThisCAAssertion  PRESENT
+--      })
+-- 
+-- certificateListExactMatch MATCHING-RULE ::= {
+--   SYNTAX  CertificateListExactAssertion
+--   ID      id-mr-certificateListExactMatch
+-- }
+-- 
+-- CertificateListExactAssertion ::= SEQUENCE {
+--   issuer             Name,
+--   thisUpdate         Time,
+--   distributionPoint  DistributionPointName OPTIONAL
+-- }
+-- 
+-- certificateListMatch MATCHING-RULE ::= {
+--   SYNTAX  CertificateListAssertion
+--   ID      id-mr-certificateListMatch
+-- }
+-- 
+-- CertificateListAssertion ::= SEQUENCE {
+--   issuer                  Name OPTIONAL,
+--   minCRLNumber            [0]  CRLNumber OPTIONAL,
+--   maxCRLNumber            [1]  CRLNumber OPTIONAL,
+--   reasonFlags             ReasonFlags OPTIONAL,
+--   dateAndTime             Time OPTIONAL,
+--   distributionPoint       [2]  DistributionPointName OPTIONAL,
+--   authorityKeyIdentifier  [3]  AuthorityKeyIdentifier OPTIONAL
+-- }
+-- 
+-- algorithmIdentifierMatch MATCHING-RULE ::= {
+--   SYNTAX  AlgorithmIdentifier
+--   ID      id-mr-algorithmIdentifierMatch
+-- }
+-- 
+-- policyMatch MATCHING-RULE ::= {SYNTAX  PolicyID
+--                                ID      id-mr-policyMatch
+-- }
+-- 
+-- pkiPathMatch MATCHING-RULE ::= {
+--   SYNTAX  PkiPathMatchSyntax
+--   ID      id-mr-pkiPathMatch
+-- }
+-- 
+-- PkiPathMatchSyntax ::= SEQUENCE {firstIssuer  Name,
+--                                  lastSubject  Name
+-- }
+-- 
+-- Object identifier assignments 
+-- id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::=
+--   {id-ce 9}
+-- 
+-- id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= {id-ce 14}
+-- 
+-- id-ce-keyUsage OBJECT IDENTIFIER ::= {id-ce 15}
+-- 
+-- id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= {id-ce 16}
+-- 
+-- id-ce-subjectAltName OBJECT IDENTIFIER ::= {id-ce 17}
+-- 
+-- id-ce-issuerAltName OBJECT IDENTIFIER ::= {id-ce 18}
+-- 
+-- id-ce-basicConstraints OBJECT IDENTIFIER ::= {id-ce 19}
+-- 
+-- id-ce-cRLNumber OBJECT IDENTIFIER ::= {id-ce 20}
+-- 
+-- id-ce-reasonCode OBJECT IDENTIFIER ::= {id-ce 21}
+-- 
+-- id-ce-instructionCode OBJECT IDENTIFIER ::= {id-ce 23}
+-- 
+-- id-ce-invalidityDate OBJECT IDENTIFIER ::= {id-ce 24}
+-- 
+-- id-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= {id-ce 27}
+-- 
+-- id-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= {id-ce 28}
+-- 
+-- id-ce-certificateIssuer OBJECT IDENTIFIER ::= {id-ce 29}
+-- 
+-- id-ce-nameConstraints OBJECT IDENTIFIER ::= {id-ce 30}
+-- 
+-- id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= {id-ce 31}
+-- 
+-- id-ce-certificatePolicies OBJECT IDENTIFIER ::= {id-ce 32}
+-- 
+-- id-ce-policyMappings OBJECT IDENTIFIER ::= {id-ce 33}
+-- 
+-- deprecated							OBJECT IDENTIFIER	::=	{id-ce 34}
+-- id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::=
+--   {id-ce 35}
+-- 
+-- id-ce-policyConstraints OBJECT IDENTIFIER ::= {id-ce 36}
+-- 
+-- id-ce-extKeyUsage OBJECT IDENTIFIER ::= {id-ce 37}
+-- 
+-- id-ce-cRLStreamIdentifier OBJECT IDENTIFIER ::= {id-ce 40}
+-- 
+-- id-ce-cRLScope OBJECT IDENTIFIER ::= {id-ce 44}
+-- 
+-- id-ce-statusReferrals OBJECT IDENTIFIER ::= {id-ce 45}
+-- 
+-- id-ce-freshestCRL OBJECT IDENTIFIER ::= {id-ce 46}
+-- 
+-- id-ce-orderedList OBJECT IDENTIFIER ::= {id-ce 47}
+-- 
+-- id-ce-baseUpdateTime OBJECT IDENTIFIER ::= {id-ce 51}
+-- 
+-- id-ce-deltaInfo OBJECT IDENTIFIER ::= {id-ce 53}
+-- 
+-- id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= {id-ce 54}
+-- 
+-- matching rule OIDs 
+-- id-mr-certificateExactMatch OBJECT IDENTIFIER ::=
+--   {id-mr 34}
+-- 
+-- id-mr-certificateMatch OBJECT IDENTIFIER ::= {id-mr 35}
+-- 
+-- id-mr-certificatePairExactMatch OBJECT IDENTIFIER ::= {id-mr 36}
+-- 
+-- id-mr-certificatePairMatch OBJECT IDENTIFIER ::= {id-mr 37}
+-- 
+-- id-mr-certificateListExactMatch OBJECT IDENTIFIER ::= {id-mr 38}
+-- 
+-- id-mr-certificateListMatch OBJECT IDENTIFIER ::= {id-mr 39}
+-- 
+-- id-mr-algorithmIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 40}
+-- 
+-- id-mr-policyMatch OBJECT IDENTIFIER ::= {id-mr 60}
+-- 
+-- id-mr-pkiPathMatch OBJECT IDENTIFIER ::= {id-mr 62}
+-- 
+-- The following OBJECT IDENTIFIERS are not used by this Specification:
+-- {id-ce 2}, {id-ce 3}, {id-ce 4}, {id-ce 5}, {id-ce 6}, {id-ce 7},
+-- {id-ce 8}, {id-ce 10}, {id-ce 11}, {id-ce 12}, {id-ce 13}, 
+-- {id-ce 22}, {id-ce 25}, {id-ce 26}
+
+END
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
diff --git a/asn1/x509ce/packet-x509ce-template.c b/asn1/x509ce/packet-x509ce-template.c
new file mode 100644
index 0000000000..2d4f098bd8
--- /dev/null
+++ b/asn1/x509ce/packet-x509ce-template.c
@@ -0,0 +1,79 @@
+/* packet-x509ce.c
+ * Routines for X.509 Certificate Extensions packet dissection
+ *
+ * $Id: packet-x509ce-template.c,v 1.2 2004/05/25 21:07:43 guy Exp $
+ *
+ * Ethereal - Network traffic analyzer
+ * By Gerald Combs <gerald@ethereal.com>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <glib.h>
+#include <epan/packet.h>
+#include <epan/conversation.h>
+
+#include <stdio.h>
+#include <string.h>
+
+#include "packet-ber.h"
+#include "packet-x509ce.h"
+
+#define PNAME  "X.509 Certificate Extensions"
+#define PSNAME "X509CE"
+#define PFNAME "x509ce"
+
+/* Initialize the protocol and registered fields */
+int proto_x509ce = -1;
+#include "packet-x509ce-hf.c"
+
+/* Initialize the subtree pointers */
+#include "packet-x509ce-ett.c"
+
+#include "packet-x509ce-fn.c"
+
+
+/*--- proto_register_x509ce ----------------------------------------------*/
+void proto_register_x509ce(void) {
+
+  /* List of fields */
+  static hf_register_info hf[] = {
+#include "packet-x509ce-hfarr.c"
+  };
+
+  /* List of subtrees */
+  static gint *ett[] = {
+#include "packet-x509ce-ettarr.c"
+  };
+
+  /* Register protocol */
+  proto_x509ce = proto_register_protocol(PNAME, PSNAME, PFNAME);
+
+  /* Register fields and subtrees */
+  proto_register_field_array(proto_x509ce, hf, array_length(hf));
+  proto_register_subtree_array(ett, array_length(ett));
+
+}
+
+
+/*--- proto_reg_handoff_x509ce -------------------------------------------*/
+void proto_reg_handoff_x509ce(void) {
+}
+
diff --git a/asn1/x509ce/packet-x509ce-template.h b/asn1/x509ce/packet-x509ce-template.h
new file mode 100644
index 0000000000..92acac5a58
--- /dev/null
+++ b/asn1/x509ce/packet-x509ce-template.h
@@ -0,0 +1,31 @@
+/* packet-x509ce.h
+ * Routines for X.509 Certificate Extensions packet dissection
+ *
+ * $Id: packet-x509ce-template.h,v 1.1 2004/05/24 08:42:29 sahlberg Exp $
+ *
+ * Ethereal - Network traffic analyzer
+ * By Gerald Combs <gerald@ethereal.com>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#ifndef PACKET_X509CE_H
+#define PACKET_X509CE_H
+
+#include "packet-x509ce-exp.h"
+
+#endif  /* PACKET_X509CE_H */
+
diff --git a/asn1/x509ce/x509ce.cnf b/asn1/x509ce/x509ce.cnf
new file mode 100644
index 0000000000..3323e04196
--- /dev/null
+++ b/asn1/x509ce/x509ce.cnf
@@ -0,0 +1,20 @@
+# x509ce.cnf
+# X509CE conformation file
+
+# $Id: x509ce.cnf,v 1.2 2004/06/03 08:35:44 guy Exp $
+
+#.MODULE_IMPORT
+
+#.EXPORTS
+
+GeneralNames
+
+#.NO_EMIT
+
+#.TYPE_RENAME
+
+#.FIELD_RENAME
+
+#.END
+
+
author	Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au>	2004-07-19 08:54:44 +0000
committer	Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au>	2004-07-19 08:54:44 +0000
commit	e06409d0838068bbcd1dff0a9e6f218630ab4075 (patch)
tree	680883c3697f2d643c6c6e8bee026d97cf7f38a5
parent	01c59fe6a0538b128820c62778b7019a97ded19a (diff)