authorJoão Valverde <joao.valverde@tecnico.ulisboa.pt>2016-03-09 03:17:51 +0000
committerJoão Valverde <j@v6e.pt>2016-03-13 21:30:24 +0000
commit54a520d4a1151c68d0b4e5f09a8d82466fa499f3 (patch)
tree7aacae160382098ce651ac862a5dfd5de4beff94 /asn1/pkcs12
parentc1f3c935bdd33090c87f0d2f84842ce9729b747a (diff)
Move /asn1 to /epan/dissectors
Change-Id: I1208fe3c2ba428995526f561e8f792b8d871e9a9 Reviewed-on: https://code.wireshark.org/review/14388 Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com> Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com> Reviewed-by: João Valverde <j@v6e.pt>
Diffstat (limited to 'asn1/pkcs12')
-rw-r--r--asn1/pkcs12/CMakeLists.txt54
-rw-r--r--asn1/pkcs12/Makefile.am23
-rw-r--r--asn1/pkcs12/Makefile.common56
-rw-r--r--asn1/pkcs12/Makefile.nmake26
-rw-r--r--asn1/pkcs12/packet-pkcs12-template.c512
-rw-r--r--asn1/pkcs12/packet-pkcs12-template.h31
-rw-r--r--asn1/pkcs12/pkcs12.asn275
-rw-r--r--asn1/pkcs12/pkcs12.cnf159
8 files changed, 0 insertions, 1136 deletions
diff --git a/asn1/pkcs12/CMakeLists.txt b/asn1/pkcs12/CMakeLists.txt
deleted file mode 100644
index f805707a7c..0000000000
--- a/asn1/pkcs12/CMakeLists.txt
+++ /dev/null
@@ -1,54 +0,0 @@
-# CMakeLists.txt
-#
-# Wireshark - Network traffic analyzer
-# By Gerald Combs <gerald@wireshark.org>
-# Copyright 1998 Gerald Combs
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License
-# as published by the Free Software Foundation; either version 2
-# of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-
-set( PROTOCOL_NAME pkcs12 )
-
-set( PROTO_OPT )
-
-set( EXT_ASN_FILE_LIST
-)
-
-set( ASN_FILE_LIST
- ${PROTOCOL_NAME}.asn
-)
-
-set( EXTRA_DIST
- ${ASN_FILE_LIST}
- packet-${PROTOCOL_NAME}-template.c
- packet-${PROTOCOL_NAME}-template.h
- ${PROTOCOL_NAME}.cnf
-)
-
-set( SRC_FILES
- ${EXTRA_DIST}
- ${EXT_ASN_FILE_LIST}
-)
-
-set( A2W_FLAGS -b )
-
-set( EXTRA_CNF
- "${CMAKE_CURRENT_BINARY_DIR}/../x509if/x509if-exp.cnf"
- "${CMAKE_CURRENT_BINARY_DIR}/../x509af/x509af-exp.cnf"
- "${CMAKE_CURRENT_BINARY_DIR}/../cms/cms-exp.cnf"
-)
-
-ASN2WRS()
-
diff --git a/asn1/pkcs12/Makefile.am b/asn1/pkcs12/Makefile.am
deleted file mode 100644
index 72d28e600b..0000000000
--- a/asn1/pkcs12/Makefile.am
+++ /dev/null
@@ -1,23 +0,0 @@
-# Wireshark - Network traffic analyzer
-# By Gerald Combs <gerald@wireshark.org>
-# Copyright 1998 Gerald Combs
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License
-# as published by the Free Software Foundation; either version 2
-# of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-
-include ../Makefile.preinc
-include Makefile.common
-include ../Makefile.inc
-
diff --git a/asn1/pkcs12/Makefile.common b/asn1/pkcs12/Makefile.common
deleted file mode 100644
index 04226bb180..0000000000
--- a/asn1/pkcs12/Makefile.common
+++ /dev/null
@@ -1,56 +0,0 @@
-# Wireshark - Network traffic analyzer
-# By Gerald Combs <gerald@wireshark.org>
-# Copyright 1998 Gerald Combs
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License
-# as published by the Free Software Foundation; either version 2
-# of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-
-PROTOCOL_NAME=pkcs12
-
-EXT_ASN_FILE_LIST =
-
-ASN_FILE_LIST = \
- $(PROTOCOL_NAME).asn
-
-# The packet-$(PROTOCOL_NAME)-template.h and $(PROTOCOL_NAME).asn
-# files do not exist for all protocols: Please add/remove as required.
-EXTRA_DIST = \
- $(EXTRA_DIST_COMMON) \
- $(ASN_FILE_LIST) \
- packet-$(PROTOCOL_NAME)-template.c \
- packet-$(PROTOCOL_NAME)-template.h \
- $(PROTOCOL_NAME).cnf
-
-SRC_FILES = \
- $(EXTRA_DIST) \
- $(EXT_ASN_FILE_LIST)
-
-A2W_FLAGS= -b
-
-# Note the order here is important, cms needs at least x509af-exp to be generated first
-EXTRA_CNF= \
- $(builddir)/../x509if/x509if-exp.cnf \
- $(builddir)/../x509af/x509af-exp.cnf \
- $(builddir)/../cms/cms-exp.cnf
-
-$(builddir)/../cms/cms-exp.cnf:
- (cd $(builddir)/../cms && $(MAKE_CNF_EXPORT))
-
-$(builddir)/../x509af/x509af-exp.cnf:
- (cd $(builddir)/../x509af && $(MAKE_CNF_EXPORT))
-
-$(builddir)/../x509if/x509if-exp.cnf:
- (cd $(builddir)/../x509if && $(MAKE_CNF_EXPORT))
-
diff --git a/asn1/pkcs12/Makefile.nmake b/asn1/pkcs12/Makefile.nmake
deleted file mode 100644
index fc70f2382f..0000000000
--- a/asn1/pkcs12/Makefile.nmake
+++ /dev/null
@@ -1,26 +0,0 @@
-## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake
-#
-# Wireshark - Network traffic analyzer
-# By Gerald Combs <gerald@wireshark.org>
-# Copyright 1998 Gerald Combs
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License
-# as published by the Free Software Foundation; either version 2
-# of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-
-include ../../config.nmake
-include ../Makefile.preinc.nmake
-include Makefile.common
-include ../Makefile.inc.nmake
-
diff --git a/asn1/pkcs12/packet-pkcs12-template.c b/asn1/pkcs12/packet-pkcs12-template.c
deleted file mode 100644
index 18814039b2..0000000000
--- a/asn1/pkcs12/packet-pkcs12-template.c
+++ /dev/null
@@ -1,512 +0,0 @@
-/* packet-pkcs12.c
- * Routines for PKCS#12: Personal Information Exchange packet dissection
- * Graeme Lunt 2006
- *
- * See "PKCS #12 v1.1: Personal Information Exchange Syntax":
- *
- * http://www.emc.com/emc-plus/rsa-labs/pkcs/files/h11301-wp-pkcs-12v1-1-personal-information-exchange-syntax.pdf
- *
- * Wireshark - Network traffic analyzer
- * By Gerald Combs <gerald@wireshark.org>
- * Copyright 1998 Gerald Combs
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
- */
-
-#include "config.h"
-
-#include <epan/packet.h>
-#include <epan/expert.h>
-#include <epan/oids.h>
-#include <epan/asn1.h>
-#include <epan/prefs.h>
-
-#include "packet-ber.h"
-#include "packet-pkcs12.h"
-#include "packet-x509af.h"
-#include "packet-x509if.h"
-#include "packet-cms.h"
-
-#include <wsutil/wsgcrypt.h>
-
-#define PNAME "PKCS#12: Personal Information Exchange"
-#define PSNAME "PKCS12"
-#define PFNAME "pkcs12"
-
-#define PKCS12_PBE_ARCFOUR_SHA1_OID "1.2.840.113549.1.12.1.1"
-#define PKCS12_PBE_3DES_SHA1_OID "1.2.840.113549.1.12.1.3"
-#define PKCS12_PBE_RC2_40_SHA1_OID "1.2.840.113549.1.12.1.6"
-
-void proto_register_pkcs12(void);
-void proto_reg_handoff_pkcs12(void);
-
-/* Initialize the protocol and registered fields */
-static int proto_pkcs12 = -1;
-
-static int hf_pkcs12_X509Certificate_PDU = -1;
-static int hf_pkcs12_AuthenticatedSafe_PDU = -1; /* AuthenticatedSafe */
-static gint ett_decrypted_pbe = -1;
-
-static expert_field ei_pkcs12_octet_string_expected = EI_INIT;
-
-
-static const char *object_identifier_id = NULL;
-static int iteration_count = 0;
-static tvbuff_t *salt = NULL;
-static const char *password = NULL;
-static gboolean try_null_password = FALSE;
-
-static int dissect_AuthenticatedSafe_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data);
-static int dissect_SafeContents_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data);
-static int dissect_PrivateKeyInfo_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data);
-
-#include "packet-pkcs12-hf.c"
-
-/* Initialize the subtree pointers */
-#include "packet-pkcs12-ett.c"
-
-static void append_oid(proto_tree *tree, const char *oid)
-{
- const char *name = NULL;
-
- name = oid_resolved_from_string(wmem_packet_scope(), oid);
- proto_item_append_text(tree, " (%s)", name ? name : oid);
-}
-
-#ifdef HAVE_LIBGCRYPT
-
-static int
-generate_key_or_iv(unsigned int id, tvbuff_t *salt_tvb, unsigned int iter,
- const char *pw, unsigned int req_keylen, char * keybuf)
-{
- int rc;
- unsigned int i, j;
- gcry_md_hd_t md;
- gcry_mpi_t num_b1 = NULL;
- size_t pwlen;
- char hash[20], buf_b[64], buf_i[128], *p;
- char *salt_p;
- int salt_size;
- size_t cur_keylen;
- size_t n;
- gcry_error_t err;
-
- cur_keylen = 0;
-
- salt_size = tvb_captured_length(salt_tvb);
- salt_p = (char *)tvb_memdup(wmem_packet_scope(), salt_tvb, 0, salt_size);
-
- if (pw == NULL)
- pwlen = 0;
- else
- pwlen = strlen(pw);
-
- if (pwlen > 63 / 2)
- {
- return FALSE;
- }
-
- /* Store salt and password in BUF_I */
- p = buf_i;
- for (i = 0; i < 64; i++)
- *p++ = salt_p[i % salt_size];
- if (pw)
- {
- for (i = j = 0; i < 64; i += 2)
- {
- *p++ = 0;
- *p++ = pw[j];
- if (++j > pwlen) /* Note, that we include the trailing zero */
- j = 0;
- }
- }
- else
- memset (p, 0, 64);
-
- for (;;) {
- err = gcry_md_open(&md, GCRY_MD_SHA1, 0);
- if (gcry_err_code(err))
- {
- return FALSE;
- }
- for (i = 0; i < 64; i++)
- {
- unsigned char lid = id & 0xFF;
- gcry_md_write (md, &lid, 1);
- }
-
- gcry_md_write(md, buf_i, pw ? 128 : 64);
-
- gcry_md_final (md);
- memcpy (hash, gcry_md_read (md, 0), 20);
-
- gcry_md_close (md);
-
- for (i = 1; i < iter; i++)
- gcry_md_hash_buffer (GCRY_MD_SHA1, hash, hash, 20);
-
- for (i = 0; i < 20 && cur_keylen < req_keylen; i++)
- keybuf[cur_keylen++] = hash[i];
-
- if (cur_keylen == req_keylen)
- {
- gcry_mpi_release (num_b1);
- return TRUE; /* ready */
- }
-
- /* need more bytes. */
- for (i = 0; i < 64; i++)
- buf_b[i] = hash[i % 20];
-
- n = 64;
-
- rc = gcry_mpi_scan (&num_b1, GCRYMPI_FMT_USG, buf_b, n, &n);
-
- if (rc != 0)
- {
- return FALSE;
- }
-
- gcry_mpi_add_ui (num_b1, num_b1, 1);
-
- for (i = 0; i < 128; i += 64)
- {
- gcry_mpi_t num_ij;
-
- n = 64;
- rc = gcry_mpi_scan (&num_ij, GCRYMPI_FMT_USG, buf_i + i, n, &n);
-
- if (rc != 0)
- {
- return FALSE;
- }
-
- gcry_mpi_add (num_ij, num_ij, num_b1);
- gcry_mpi_clear_highbit (num_ij, 64 * 8);
-
- n = 64;
-
- rc = gcry_mpi_print (GCRYMPI_FMT_USG, buf_i + i, n, &n, num_ij);
- if (rc != 0)
- {
- return FALSE;
- }
-
- gcry_mpi_release (num_ij);
- }
- }
-}
-
-#endif
-
-void PBE_reset_parameters(void)
-{
- iteration_count = 0;
- salt = NULL;
-}
-
-int PBE_decrypt_data(const char *object_identifier_id_param _U_, tvbuff_t *encrypted_tvb _U_, asn1_ctx_t *actx _U_, proto_item *item _U_)
-{
-#ifdef HAVE_LIBGCRYPT
- const char *encryption_algorithm;
- gcry_cipher_hd_t cipher;
- gcry_error_t err;
- int algo;
- int mode;
- int ivlen = 0;
- int keylen = 0;
- int datalen = 0;
- char *key = NULL;
- char *iv = NULL;
- char *clear_data = NULL;
- tvbuff_t *clear_tvb = NULL;
- const gchar *oidname;
- GString *name;
- proto_tree *tree;
- char byte;
- gboolean decrypt_ok = TRUE;
-
- if(((password == NULL) || (*password == '\0')) && (try_null_password == FALSE)) {
- /* we are not configured to decrypt */
- return FALSE;
- }
-
- encryption_algorithm = x509af_get_last_algorithm_id();
-
- /* these are the only encryption schemes we understand for now */
- if(!strcmp(encryption_algorithm, PKCS12_PBE_3DES_SHA1_OID)) {
- ivlen = 8;
- keylen = 24;
- algo = GCRY_CIPHER_3DES;
- mode = GCRY_CIPHER_MODE_CBC;
- } else if(!strcmp(encryption_algorithm, PKCS12_PBE_ARCFOUR_SHA1_OID)) {
- ivlen = 0;
- keylen = 16;
- algo = GCRY_CIPHER_ARCFOUR;
- mode = GCRY_CIPHER_MODE_NONE;
- } else if(!strcmp(encryption_algorithm, PKCS12_PBE_RC2_40_SHA1_OID)) {
- ivlen = 8;
- keylen = 5;
- algo = GCRY_CIPHER_RFC2268_40;
- mode = GCRY_CIPHER_MODE_CBC;
- } else {
- /* we don't know how to decrypt this */
-
- proto_item_append_text(item, " [Unsupported encryption algorithm]");
- return FALSE;
- }
-
- if((iteration_count == 0) || (salt == NULL)) {
- proto_item_append_text(item, " [Insufficient parameters]");
- return FALSE;
- }
-
- /* allocate buffers */
- key = (char *)wmem_alloc(wmem_packet_scope(), keylen);
-
- if(!generate_key_or_iv(1 /*LEY */, salt, iteration_count, password, keylen, key))
- return FALSE;
-
- if(ivlen) {
-
- iv = (char *)wmem_alloc(wmem_packet_scope(), ivlen);
-
- if(!generate_key_or_iv(2 /* IV */, salt, iteration_count, password, ivlen, iv))
- return FALSE;
- }
-
- /* now try an internal function */
- err = gcry_cipher_open(&cipher, algo, mode, 0);
- if (gcry_err_code (err))
- return FALSE;
-
- err = gcry_cipher_setkey (cipher, key, keylen);
- if (gcry_err_code (err)) {
- gcry_cipher_close (cipher);
- return FALSE;
- }
-
- if(ivlen) {
- err = gcry_cipher_setiv (cipher, iv, ivlen);
- if (gcry_err_code (err)) {
- gcry_cipher_close (cipher);
- return FALSE;
- }
- }
-
- datalen = tvb_captured_length(encrypted_tvb);
- clear_data = (char *)g_malloc(datalen);
-
- err = gcry_cipher_decrypt (cipher, clear_data, datalen, (char *)tvb_memdup(wmem_packet_scope(), encrypted_tvb, 0, datalen), datalen);
- if (gcry_err_code (err)) {
-
- proto_item_append_text(item, " [Failed to decrypt with password preference]");
-
- gcry_cipher_close (cipher);
- g_free(clear_data);
- return FALSE;
- }
-
- gcry_cipher_close (cipher);
-
- /* We don't know if we have successfully decrypted the data or not so we:
- a) check the trailing bytes
- b) see if we start with a sequence or a set (is this too constraining?
- */
-
- /* first the trailing bytes */
- byte = clear_data[datalen-1];
- if(byte <= 0x08) {
- int i;
-
- for(i = (int)byte; i > 0 ; i--) {
- if(clear_data[datalen - i] != byte) {
- decrypt_ok = FALSE;
- break;
- }
- }
- } else {
- /* XXX: is this a failure? */
- }
-
- /* we assume the result is ASN.1 - check it is a SET or SEQUENCE */
- byte = clear_data[0];
- if((byte != 0x30) && (byte != 0x31)) { /* do we need more here? OCTET STRING? */
- decrypt_ok = FALSE;
- }
-
- if(!decrypt_ok) {
- g_free(clear_data);
- proto_item_append_text(item, " [Failed to decrypt with supplied password]");
-
- return FALSE;
- }
-
- proto_item_append_text(item, " [Decrypted successfully]");
-
- tree = proto_item_add_subtree(item, ett_decrypted_pbe);
-
- /* OK - so now clear_data contains the decrypted data */
-
- clear_tvb = tvb_new_child_real_data(encrypted_tvb,(const guint8 *)clear_data, datalen, datalen);
- tvb_set_free_cb(clear_tvb, g_free);
-
- name = g_string_new("");
- oidname = oid_resolved_from_string(wmem_packet_scope(), object_identifier_id_param);
- g_string_printf(name, "Decrypted %s", oidname ? oidname : object_identifier_id_param);
-
- /* add it as a new source */
- add_new_data_source(actx->pinfo, clear_tvb, name->str);
-
- g_string_free(name, TRUE);
-
- /* now try and decode it */
- call_ber_oid_callback(object_identifier_id_param, clear_tvb, 0, actx->pinfo, tree, NULL);
-
- return TRUE;
-#else
- /* we cannot decrypt */
- return FALSE;
-
-#endif
-}
-
-#include "packet-pkcs12-fn.c"
-
-static int strip_octet_string(tvbuff_t *tvb)
-{
- gint8 ber_class;
- gboolean pc, ind;
- gint32 tag;
- guint32 len;
- int offset = 0;
-
- /* PKCS#7 encodes the content as OCTET STRING, whereas CMS is just any ANY */
- /* if we use CMS (rather than PKCS#7) - which we are - we need to strip the OCTET STRING tag */
- /* before proceeding */
-
- offset = get_ber_identifier(tvb, 0, &ber_class, &pc, &tag);
- offset = get_ber_length(tvb, offset, &len, &ind);
-
- if((ber_class == BER_CLASS_UNI) && (tag == BER_UNI_TAG_OCTETSTRING))
- return offset;
-
- return 0;
-
-}
-
-static int dissect_AuthenticatedSafe_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) {
- int offset = 0;
- asn1_ctx_t asn1_ctx;
- asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
-
- if((offset = strip_octet_string(tvb)) > 0)
- dissect_pkcs12_AuthenticatedSafe(FALSE, tvb, offset, &asn1_ctx, tree, hf_pkcs12_AuthenticatedSafe_PDU);
- else
- proto_tree_add_expert(tree, pinfo, &ei_pkcs12_octet_string_expected, tvb, 0, 1);
- return tvb_captured_length(tvb);
-}
-
-static int dissect_SafeContents_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
-{
- int offset = 0;
- asn1_ctx_t asn1_ctx;
- asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
-
- offset = strip_octet_string(tvb);
-
- dissect_pkcs12_SafeContents(FALSE, tvb, offset, &asn1_ctx, tree, hf_pkcs12_SafeContents_PDU);
- return tvb_captured_length(tvb);
-}
-
-static int dissect_X509Certificate_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
-{
- int offset = 0;
- asn1_ctx_t asn1_ctx;
- asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
-
- if((offset = strip_octet_string(tvb)) > 0)
- dissect_x509af_Certificate(FALSE, tvb, offset, &asn1_ctx, tree, hf_pkcs12_X509Certificate_PDU);
- else
- proto_tree_add_expert(tree, pinfo, &ei_pkcs12_octet_string_expected, tvb, 0, 1);
-
- return tvb_captured_length(tvb);
-}
-
-/*--- proto_register_pkcs12 ----------------------------------------------*/
-void proto_register_pkcs12(void) {
-
- /* List of fields */
- static hf_register_info hf[] = {
- { &hf_pkcs12_X509Certificate_PDU,
- { "X509Certificate", "pkcs12.X509Certificate",
- FT_NONE, BASE_NONE, NULL, 0,
- "pkcs12.X509Certificate", HFILL }},
- { &hf_pkcs12_AuthenticatedSafe_PDU,
- { "AuthenticatedSafe", "pkcs12.AuthenticatedSafe",
- FT_UINT32, BASE_DEC, NULL, 0,
- NULL, HFILL }},
-
-#include "packet-pkcs12-hfarr.c"
- };
-
- /* List of subtrees */
- static gint *ett[] = {
- &ett_decrypted_pbe,
-#include "packet-pkcs12-ettarr.c"
- };
- static ei_register_info ei[] = {
- { &ei_pkcs12_octet_string_expected, { "pkcs12.octet_string_expected", PI_PROTOCOL, PI_WARN, "BER Error: OCTET STRING expected", EXPFILL }},
- };
-
- module_t *pkcs12_module;
- expert_module_t* expert_pkcs12;
-
- /* Register protocol */
- proto_pkcs12 = proto_register_protocol(PNAME, PSNAME, PFNAME);
-
- /* Register fields and subtrees */
- proto_register_field_array(proto_pkcs12, hf, array_length(hf));
- proto_register_subtree_array(ett, array_length(ett));
- expert_pkcs12 = expert_register_protocol(proto_pkcs12);
- expert_register_field_array(expert_pkcs12, ei, array_length(ei));
-
- /* Register preferences */
- pkcs12_module = prefs_register_protocol(proto_pkcs12, NULL);
-
- prefs_register_string_preference(pkcs12_module, "password",
- "Password to decrypt the file with",
- "The password to used to decrypt the encrypted elements within"
- " the PKCS#12 file", &password);
-
- prefs_register_bool_preference(pkcs12_module, "try_null_password",
- "Try to decrypt with a empty password",
- "Whether to try and decrypt the encrypted data within the"
- " PKCS#12 with a NULL password", &try_null_password);
-
- register_ber_syntax_dissector("PKCS#12", proto_pkcs12, dissect_PFX_PDU);
- register_ber_oid_syntax(".p12", NULL, "PKCS#12");
- register_ber_oid_syntax(".pfx", NULL, "PKCS#12");
-}
-
-
-/*--- proto_reg_handoff_pkcs12 -------------------------------------------*/
-void proto_reg_handoff_pkcs12(void) {
-#include "packet-pkcs12-dis-tab.c"
-
- register_ber_oid_dissector("1.2.840.113549.1.9.22.1", dissect_X509Certificate_OCTETSTRING_PDU, proto_pkcs12, "x509Certificate");
-
-}
-
diff --git a/asn1/pkcs12/packet-pkcs12-template.h b/asn1/pkcs12/packet-pkcs12-template.h
deleted file mode 100644
index 4183ca2721..0000000000
--- a/asn1/pkcs12/packet-pkcs12-template.h
+++ /dev/null
@@ -1,31 +0,0 @@
-/* packet-pkcs12.h
- * Routines for PKCS#12 Personal Information Exchange packet dissection
- * Graeme Lunt 2006
- *
- * Wireshark - Network traffic analyzer
- * By Gerald Combs <gerald@wireshark.org>
- * Copyright 1998 Gerald Combs
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
- */
-
-#ifndef PACKET_PKCS12_H
-#define PACKET_PKCS12_H
-
-void PBE_reset_parameters(void);
-int PBE_decrypt_data(const char *object_identifier_id, tvbuff_t *encrypted_tvb, asn1_ctx_t *actx, proto_item *item);
-
-#endif /* PACKET_PKCS12_H */
-
diff --git a/asn1/pkcs12/pkcs12.asn b/asn1/pkcs12/pkcs12.asn
deleted file mode 100644
index b55e718b6e..0000000000
--- a/asn1/pkcs12/pkcs12.asn
+++ /dev/null
@@ -1,275 +0,0 @@
-PKCS-12 {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
- pkcs-12(12) modules(0) pkcs-12(1)}
-
-DEFINITIONS IMPLICIT TAGS ::=
-
-BEGIN
-
--- EXPORTS ALL
--- All types and values defined in this module is exported for use in
--- other ASN.1 modules.
-
-IMPORTS
-
-informationFramework
- FROM UsefulDefinitions {joint-iso-itu-t(2) ds(5) module(1)
- usefulDefinitions(0) 3}
-
-Attribute
- FROM InformationFramework informationFramework
-
-ContentInfo, --DigestInfo-- Digest, DigestAlgorithmIdentifier
- FROM PKCS-7 {iso(1) member-body(2) us(840) rsadsi(113549)
- pkcs(1) pkcs-7(7) modules(0) pkcs-7(1)}
-
---PrivateKeyInfo, EncryptedPrivateKeyInfo
--- FROM PKCS-8 {iso(1) member-body(2) us(840) rsadsi(113549)
--- pkcs(1) pkcs-8(8) modules(1) pkcs-8(1)}
---
---pkcs-9, friendlyName, localKeyId, certTypes, crlTypes
--- FROM PKCS-9 {iso(1) member-body(2) us(840) rsadsi(113549)
--- pkcs(1) pkcs-9(9) modules(0) pkcs-9(1) };--
-
--- A PKCS#8 IMPORT from below
-AlgorithmIdentifier, ALGORITHM-IDENTIFIER
- FROM PKCS-5 {iso(1) member-body(2) us(840) rsadsi(113549)
- pkcs(1) pkcs-5(5) modules(16) pkcs-5(1)};
-
-
--- Object identifiers
-
---rsadsi OBJECT IDENTIFIER ::= {iso(1) member-body(2) us(840) rsadsi(113549)}
---pkcs OBJECT IDENTIFIER ::= {rsadsi pkcs(1)}
---pkcs-12 OBJECT IDENTIFIER ::= {pkcs 12}
---pkcs-12PbeIds OBJECT IDENTIFIER ::= {pkcs-12 1}
---pbeWithSHAAnd128BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 1}
---pbeWithSHAAnd40BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 2}
---pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3}
---pbeWithSHAAnd2-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 4}
---pbeWithSHAAnd128BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5}
---pbewithSHAAnd40BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 6}
-
---bagtypes OBJECT IDENTIFIER ::= {pkcs-12 10 1}
-
--- The PFX PDU
-
-PFX ::= SEQUENCE {
- version INTEGER {v3(3)}(v3,...),
- authSafe ContentInfo,
- macData MacData OPTIONAL
-}
-
-MacData ::= SEQUENCE {
- mac DigestInfo,
- macSalt OCTET STRING,
- iterations INTEGER DEFAULT 1
--- Note: The default is for historical reasons and its use is
--- deprecated. A higher value, like 1024 is recommended.
-}
-
--- Imported from PKCS#7
-DigestInfo ::= SEQUENCE {
- digestAlgorithm DigestAlgorithmIdentifier,
- digest Digest
-}
-
-AuthenticatedSafe ::= SEQUENCE OF ContentInfo
- -- Data if unencrypted
- -- EncryptedData if password-encrypted
- -- EnvelopedData if public key-encrypted
-
-SafeContents ::= SEQUENCE OF SafeBag
-
-SafeBag ::= SEQUENCE {
- bagId -- BAG-TYPE.&id ({PKCS12BagSet}) -- OBJECT IDENTIFIER,
- bagValue [0] EXPLICIT --BAG-TYPE.&Type({PKCS12BagSet}{@bagId}) -- ANY,
- bagAttributes SET OF PKCS12Attribute OPTIONAL
-}
-
--- Bag types
-
---keyBag BAG-TYPE ::=
--- {KeyBag IDENTIFIED BY {bagtypes 1}}
---pkcs8ShroudedKeyBag BAG-TYPE ::=
--- {PKCS8ShroudedKeyBag IDENTIFIED BY {bagtypes 2}}
---certBag BAG-TYPE ::=
--- {CertBag IDENTIFIED BY {bagtypes 3}}
---crlBag BAG-TYPE ::=
--- {CRLBag IDENTIFIED BY {bagtypes 4}}
---secretBag BAG-TYPE ::=
--- {SecretBag IDENTIFIED BY {bagtypes 5}}
---safeContentsBag BAG-TYPE ::=
--- {SafeContents IDENTIFIED BY {bagtypes 6}}
-
---PKCS12BagSet BAG-TYPE ::= {
--- keyBag |
--- pkcs8ShroudedKeyBag |
--- certBag |
--- crlBag |
--- secretBag |
--- safeContentsBag,
--- ... - - For future extensions
---}
-
---BAG-TYPE ::= TYPE-IDENTIFIER
-
--- KeyBag
-
-KeyBag ::= PrivateKeyInfo
-
--- Shrouded KeyBag
-
-PKCS8ShroudedKeyBag ::= EncryptedPrivateKeyInfo
-
--- CertBag
-
-CertBag ::= SEQUENCE {
- certId --BAG-TYPE.&id ({CertTypes}) -- OBJECT IDENTIFIER,
- certValue [0] EXPLICIT --BAG-TYPE.&Type ({CertTypes}{@certId})-- ANY
-}
-
---x509Certificate BAG-TYPE ::=
--- {OCTET STRING IDENTIFIED BY {certTypes 1}}
- -- DER-encoded X.509 certificate stored in OCTET STRING
---sdsiCertificate BAG-TYPE ::=
--- {IA5String IDENTIFIED BY {certTypes 2}}
- -- Base64-encoded SDSI certificate stored in IA5String
-
---CertTypes BAG-TYPE ::= {
--- x509Certificate |
--- sdsiCertificate,
--- ... - - For future extensions
---}
-
--- CRLBag
-
-CRLBag ::= SEQUENCE {
- crlId --BAG-TYPE.&id ({CRLTypes})-- OBJECT IDENTIFIER,
- crlValue [0] EXPLICIT --BAG-TYPE.&Type ({CRLTypes}{@crlId})-- ANY
-}
-
---x509CRL BAG-TYPE ::=
--- {OCTET STRING IDENTIFIED BY {crlTypes 1}}
- -- DER-encoded X.509 CRL stored in OCTET STRING
-
---CRLTypes BAG-TYPE ::= {
--- x509CRL,
--- ... - - For future extensions
---}
-
--- Secret Bag
-
-SecretBag ::= SEQUENCE {
- secretTypeId --BAG-TYPE.&id ({SecretTypes})-- OBJECT IDENTIFIER,
- secretValue [0] EXPLICIT --BAG-TYPE.&Type ({SecretTypes}{@secretTypeId})-- ANY
-}
-
---SecretTypes BAG-TYPE ::= {
--- ... - - For future extensions
---}
-
--- Attributes
-
-PKCS12Attribute ::= SEQUENCE {
- attrId --ATTRIBUTE.&id ({PKCS12AttrSet})-- OBJECT IDENTIFIER,
- attrValues SET OF --ATTRIBUTE.&Type ({PKCS12AttrSet}{@attrId})-- ANY
-} -- This type is compatible with the X.500 type 'Attribute'
-
---PKCS12AttrSet ATTRIBUTE ::= {
--- friendlyName |
--- localKeyId,
--- ... - - Other attributes are allowed
---}
-
---END
-
--- We import PKCS#8 here directly rather than creating another dissector
-
---PKCS-8 {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-8(8)
--- modules(1) pkcs-8(1)}
-
--- $Revision: 1.5 $
-
--- This module has been checked for conformance with the ASN.1
--- standard by the OSS ASN.1 Tools
-
---DEFINITIONS IMPLICIT TAGS ::=
-
---BEGIN
-
--- EXPORTS All --
--- All types and values defined in this module is exported for use in other
--- ASN.1 modules.
-
---IMPORTS
-
---informationFramework
--- FROM UsefulDefinitions {joint-iso-itu-t(2) ds(5) module(1)
--- usefulDefinitions(0) 3}
-
---Attribute
--- FROM InformationFramework informationFramework
-
---AlgorithmIdentifier, ALGORITHM-IDENTIFIER
--- FROM PKCS-5 {iso(1) member-body(2) us(840) rsadsi(113549)
--- pkcs(1) pkcs-5(5) modules(16) pkcs-5(1)};
-
--- Private-key information syntax
-
-PrivateKeyInfo ::= SEQUENCE {
- version Version,
- privateKeyAlgorithm AlgorithmIdentifier --{{PrivateKeyAlgorithms}}--,
- privateKey PrivateKey,
- attributes [0] Attributes OPTIONAL }
-
-Version ::= INTEGER {v1(0)} (v1,...)
-
-PrivateKey ::= OCTET STRING
-
-Attributes ::= SET OF Attribute
-
--- Encrypted private-key information syntax
-
-EncryptedPrivateKeyInfo ::= SEQUENCE {
- encryptionAlgorithm AlgorithmIdentifier --{{KeyEncryptionAlgorithms}}--,
- encryptedData EncryptedData
-}
-
-EncryptedData ::= OCTET STRING
-
---PrivateKeyAlgorithms ALGORITHM-IDENTIFIER ::= {
--- ... - - For local profiles
---}
-
---KeyEncryptionAlgorithms ALGORITHM-IDENTIFIER ::= {
--- ... - - For local profiles
---}
-
--- From RFC 2898
-PBEParameter ::= SEQUENCE {
- salt OCTET STRING,
- iterationCount INTEGER
-}
-
-
-PBKDF2Params ::= SEQUENCE {
- salt CHOICE {
- specified OCTET STRING,
- otherSource AlgorithmIdentifier --{{PBKDF2-SaltSources}}--
- },
- iterationCount INTEGER --(1..MAX)--,
- keyLength INTEGER (1..MAX) OPTIONAL,
- prf AlgorithmIdentifier --{{PBKDF2-PRFs}} DEFAULT algid-hmacWithSHA1-- OPTIONAL }
-
-PBES2Params ::= SEQUENCE {
- keyDerivationFunc AlgorithmIdentifier --{{PBES2-KDFs}}--,
- encryptionScheme AlgorithmIdentifier --{{PBES2-Encs}}-- }
-
-PBMAC1Params ::= SEQUENCE {
- keyDerivationFunc AlgorithmIdentifier --{{PBMAC1-KDFs}}--,
- messageAuthScheme AlgorithmIdentifier --{{PBMAC1-MACs}}-- }
-
-
-END
-
-
diff --git a/asn1/pkcs12/pkcs12.cnf b/asn1/pkcs12/pkcs12.cnf
deleted file mode 100644
index a1b576e5a8..0000000000
--- a/asn1/pkcs12/pkcs12.cnf
+++ /dev/null
@@ -1,159 +0,0 @@
-# pkcs12.cnf
-# PKCS12 conformation file
-
-#.MODULE_IMPORT
-PKCS-7 cms
-PKCS-5 x509af
-
-#.IMPORT ../cms/cms-exp.cnf
-#.IMPORT ../x509if/x509if-exp.cnf
-#.IMPORT ../x509af/x509af-exp.cnf
-
-#.EXPORTS
-
-#.REGISTER
-KeyBag B "1.2.840.113549.1.12.10.1.1" "keyBag"
-PKCS8ShroudedKeyBag B "1.2.840.113549.1.12.10.1.2" "pkcs8ShroudedKeyBag"
-CertBag B "1.2.840.113549.1.12.10.1.3" "certBag"
-SecretBag B "1.2.840.113549.1.12.10.1.4" "secretBag"
-CRLBag B "1.2.840.113549.1.12.10.1.5" "crlBag"
-SafeContents B "1.2.840.113549.1.12.10.1.6" "safeContentsBag"
-
-# PKCS#9 Attributes - see master list in x509sat.cnf
-PFX B "2.16.840.1.113730.3.1.216" "pkcs-9-at-PKCS12"
-EncryptedPrivateKeyInfo B "1.2.840.113549.1.9.25.2" "pkcs-9-at-encryptedPrivateKeyInfo"
-
-# Password Based Encryption
-PBEParameter B "1.2.840.113549.1.12.1.1" "pbeWithSHAAnd128BitRC4"
-PBEParameter B "1.2.840.113549.1.12.1.2" "pbeWithSHAAnd40BitRC4"
-PBEParameter B "1.2.840.113549.1.12.1.3" "pbeWithSHAAnd3-KeyTripleDES-CBC"
-PBEParameter B "1.2.840.113549.1.12.1.4" "pbeWithSHAAnd2-KeyTripleDES-CBC"
-PBEParameter B "1.2.840.113549.1.12.1.5" "pbeWithSHAAnd128BitRC2-CBC"
-PBEParameter B "1.2.840.113549.1.12.1.6" "pbeWithSHAAnd40BitRC2-CBC"
-
-PBEParameter B "1.2.840.113549.1.5.1" "pbeWithMD2AndDES-CBC"
-PBEParameter B "1.2.840.113549.1.5.3" "pbeWithMD5AndDES-CBC"
-PBEParameter B "1.2.840.113549.1.5.4" "pbeWithMD2AndRC2-CBC"
-PBEParameter B "1.2.840.113549.1.5.6" "pbeWithMD5AndRC2-CBC"
-PBEParameter B "1.2.840.113549.1.5.10" "pbeWithSHA1AndDES-CBC"
-PBEParameter B "1.2.840.113549.1.5.11" "pbeWithSHA1AndRC2-CBC"
-
-PBKDF2Params B "1.2.840.113549.1.5.12" "id-PBKDF2"
-PBES2Params B "1.2.840.113549.1.5.13" "id-PBES2"
-PBMAC1Params B "1.2.840.113549.1.5.14" "id-PBMAC1"
-
-#.NO_EMIT
-
-#.TYPE_RENAME
-
-#.FIELD_RENAME
-PrivateKeyInfo/version privateKeyVersion
-PBKDF2Params/salt saltChoice
-
-#.PDU
-#AuthenticatedSafe
-PrivateKeyInfo
-
-#.FN_BODY PFX
- dissector_handle_t dissector_handle;
-
- /* we change the CMS id-data dissector to dissect as AuthenticatedSafe
- not sure why PKCS#12 couldn't have used its own content type OID for AuthenticatedSafe */
- dissector_handle=create_dissector_handle(dissect_AuthenticatedSafe_OCTETSTRING_PDU, proto_pkcs12);
- dissector_change_string("ber.oid", "1.2.840.113549.1.7.1", dissector_handle);
-
- %(DEFAULT_BODY)s
-
- /* restore the original dissector */
- dissector_reset_string("ber.oid", "1.2.840.113549.1.7.1");
-
-#.FN_BODY AuthenticatedSafe
- dissector_handle_t dissector_handle;
-
- /* we change the CMS id-data dissector to dissect as SafeContents */
- dissector_handle=create_dissector_handle(dissect_SafeContents_OCTETSTRING_PDU, proto_pkcs12);
- dissector_change_string("ber.oid", "1.2.840.113549.1.7.1", dissector_handle);
-
- %(DEFAULT_BODY)s
-
- /* restore the original dissector */
- dissector_reset_string("ber.oid", "1.2.840.113549.1.7.1");
-
-#.FN_PARS SafeBag/bagId FN_VARIANT = _str VAL_PTR = &object_identifier_id
-#.FN_FTR SafeBag/bagId
- append_oid(tree, object_identifier_id);
-#.END
-
-#.FN_PARS CertBag/certId FN_VARIANT = _str VAL_PTR = &object_identifier_id
-#.FN_FTR CertBag/certId
- append_oid(tree, object_identifier_id);
-#.END
-
-#.FN_PARS CRLBag/crlId FN_VARIANT = _str VAL_PTR = &object_identifier_id
-#.FN_FTR CRLBag/crlId
- append_oid(tree, object_identifier_id);
-#.END
-
-#.FN_PARS SecretBag/secretTypeId FN_VARIANT = _str VAL_PTR = &object_identifier_id
-#.FN_FTR SecretBag/secretTypeId
- append_oid(tree, object_identifier_id);
-#.END
-
-#.FN_PARS PKCS12Attribute/attrId FN_VARIANT = _str VAL_PTR = &object_identifier_id
-#.FN_FTR PKCS12Attribute/attrId
- append_oid(tree, object_identifier_id);
-#.END
-
-#.FN_BODY SafeBag/bagValue
- if(object_identifier_id)
- offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL);
-
-#.FN_BODY PKCS12Attribute/attrValues/_item
- if(object_identifier_id)
- offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL);
-
-#.FN_BODY CertBag/certValue
- if(object_identifier_id)
- offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL);
-
-#.FN_BODY CRLBag/crlValue
- if(object_identifier_id)
- offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL);
-
-#.FN_BODY SecretBag/secretValue
- if(object_identifier_id)
- offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL);
-
-#.FN_HDR PBEParameter
- /* initialise the encryption parameters */
- PBE_reset_parameters();
-
-#.END
-
-#.FN_PARS OCTET_STRING VAL_PTR = (hf_index == hf_pkcs12_salt ? &salt : NULL)
-#.FN_PARS INTEGER VAL_PTR = (hf_index == hf_pkcs12_iterationCount ? &iteration_count : NULL)
-
-#.FN_PARS EncryptedData VAL_PTR = &encrypted_tvb
-
-#.FN_HDR EncryptedData
- tvbuff_t *encrypted_tvb;
- dissector_handle_t dissector_handle;
-
-#.END
-
-#.FN_FTR EncryptedData
-
-
-
- dissector_handle=create_dissector_handle(dissect_PrivateKeyInfo_PDU, proto_pkcs12);
- dissector_change_string("ber.oid", object_identifier_id, dissector_handle);
-
- PBE_decrypt_data(object_identifier_id, encrypted_tvb, actx, actx->created_item);
-
- /* restore the original dissector */
- dissector_reset_string("ber.oid", object_identifier_id);
-
-#.END
-
-
-