diff options
author | gal <gal@f5534014-38df-0310-8fa8-9805f1628bb7> | 2011-07-14 13:47:13 +0000 |
---|---|---|
committer | gal <gal@f5534014-38df-0310-8fa8-9805f1628bb7> | 2011-07-14 13:47:13 +0000 |
commit | d5c65b926a9042f043ae3ca5bb09e2482a5c38e5 (patch) | |
tree | 89d9ffdd065858541d5080d118ebc6f09ea1ea39 /asn1 | |
parent | 17a5350be31e0b4ff19ee75d8ccf0145049edaaa (diff) |
Update the algorithms in line with RFC 5912 including support for eliptic curve algorithms.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@38017 f5534014-38df-0310-8fa8-9805f1628bb7
Diffstat (limited to 'asn1')
-rw-r--r-- | asn1/pkcs1/Makefile.common | 2 | ||||
-rw-r--r-- | asn1/pkcs1/PKCS1.asn | 57 | ||||
-rw-r--r-- | asn1/pkcs1/PKIXAlgs-2009.asn | 566 | ||||
-rw-r--r-- | asn1/pkcs1/packet-pkcs1-template.c | 20 | ||||
-rw-r--r-- | asn1/pkcs1/pkcs1.cnf | 15 |
5 files changed, 602 insertions, 58 deletions
diff --git a/asn1/pkcs1/Makefile.common b/asn1/pkcs1/Makefile.common index 17ffaa6dd3..146352a8c2 100644 --- a/asn1/pkcs1/Makefile.common +++ b/asn1/pkcs1/Makefile.common @@ -28,7 +28,7 @@ DISSECTOR_FILES=packet-$(PROTOCOL_NAME).c \ EXT_ASN_FILE_LIST = -ASN_FILE_LIST = PKCS1.asn +ASN_FILE_LIST = PKIXAlgs-2009.asn # The packet-$(PROTOCOL_NAME)-template.h and $(PROTOCOL_NAME).asn # files do not exist for all protocols: Please add/remove as required. diff --git a/asn1/pkcs1/PKCS1.asn b/asn1/pkcs1/PKCS1.asn deleted file mode 100644 index c586de96c5..0000000000 --- a/asn1/pkcs1/PKCS1.asn +++ /dev/null @@ -1,57 +0,0 @@ --- Module PKCS-1 --- Transcribed from RFC2313 - -PKCS-1 {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 } DEFINITIONS ::= -BEGIN - -IMPORTS - AlgorithmIdentifier - FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1) - authenticationFramework(7) 4}; - --- EXPORTS All --- The types and values defined in this module have been transcribed from RFC2313 - -RSAPublicKey ::= SEQUENCE { - modulus INTEGER, -- n - publicExponent INTEGER -- e -} - -RSAPrivateKey ::= SEQUENCE { - version Version, - modulus INTEGER, -- n - publicExponent INTEGER, -- e - privateExponent INTEGER, -- d - prime1 INTEGER, -- p - prime2 INTEGER, -- q - exponent1 INTEGER, -- d mod (p-1) - exponent2 INTEGER, -- d mod (q-1) - coefficient INTEGER -- (inverse of q) mod p -} - -Version ::= INTEGER - -DigestInfo ::= SEQUENCE { - digestAlgorithm DigestAlgorithmIdentifier, - digest Digest -} - -DigestAlgorithmIdentifier ::= AlgorithmIdentifier - -Digest ::= OCTET STRING - - --- These algorithms have NULL parameters --- md2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 2 } --- md4 OBJECT IDENTIFIER ::= { iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 4 } --- md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 5 } - - --- pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) US(840) rsadsi(113549) pkcs(1) 1 } --- rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } --- md2WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 2 } --- md4WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 3 } --- md5WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 4 } - -END - diff --git a/asn1/pkcs1/PKIXAlgs-2009.asn b/asn1/pkcs1/PKIXAlgs-2009.asn new file mode 100644 index 0000000000..baaaadc14e --- /dev/null +++ b/asn1/pkcs1/PKIXAlgs-2009.asn @@ -0,0 +1,566 @@ +-- +-- $Id$ +-- Transcribed from RFC 5912 +-- + +PKIXAlgs-2009 { iso(1) identified-organization(3) dod(6) + internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) + id-mod-pkix1-algorithms2008-02(56) } + + DEFINITIONS EXPLICIT TAGS ::= + BEGIN + IMPORTS + + PUBLIC-KEY, SIGNATURE-ALGORITHM, DIGEST-ALGORITHM, SMIME-CAPS + FROM AlgorithmInformation-2009 + {iso(1) identified-organization(3) dod(6) internet(1) security(5) + mechanisms(5) pkix(7) id-mod(0) + id-mod-algorithmInformation-02(58)} + + mda-sha224, mda-sha256, mda-sha384, mda-sha512 + FROM PKIX1-PSS-OAEP-Algorithms-2009 + {iso(1) identified-organization(3) dod(6) internet(1) + security(5) mechanisms(5) pkix(7) id-mod(0) + id-mod-pkix1-rsa-pkalgs-02(54)} + +-- Additional IMPORT for Wireshark + AlgorithmIdentifier + FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1) + authenticationFramework(7) 4}; + + + -- + -- Public Key (pk-) Algorithms + -- + + PublicKeys PUBLIC-KEY ::= { + pk-rsa | + pk-dsa | + pk-dh | + pk-kea, + ..., + pk-ec | + pk-ecDH | + pk-ecMQV + } + + -- + -- Signature Algorithms (sa-) + -- + + SignatureAlgs SIGNATURE-ALGORITHM ::= { + sa-rsaWithMD2 | + sa-rsaWithMD5 | + sa-rsaWithSHA1 | + sa-dsaWithSHA1 | + sa-ecdsaWithSHA1, + ..., -- Extensible + sa-dsaWithSHA224 | + sa-dsaWithSHA256 | + sa-ecdsaWithSHA224 | + sa-ecdsaWithSHA256 | + sa-ecdsaWithSHA384 | + sa-ecdsaWithSHA512 + } + + -- + -- S/MIME CAPS for algorithms in this document + -- + -- For all of the algorithms laid out in this document, the + -- parameters field for the S/MIME capabilities is defined as + -- ABSENT as there are no specific values that need to be known + -- by the receiver for negotiation. + + -- + + SMimeCaps SMIME-CAPS ::= { + sa-rsaWithMD2.&smimeCaps | + sa-rsaWithMD5.&smimeCaps | + sa-rsaWithSHA1.&smimeCaps | + sa-dsaWithSHA1.&smimeCaps | + sa-dsaWithSHA224.&smimeCaps | + sa-dsaWithSHA256.&smimeCaps | + sa-ecdsaWithSHA1.&smimeCaps | + sa-ecdsaWithSHA224.&smimeCaps | + sa-ecdsaWithSHA256.&smimeCaps | + sa-ecdsaWithSHA384.&smimeCaps | + sa-ecdsaWithSHA512.&smimeCaps, + ... } + + -- RSA PK Algorithm, Parameters, and Keys + +-- pk-rsa PUBLIC-KEY ::= { +-- IDENTIFIER rsaEncryption +-- KEY RSAPublicKey +-- PARAMS TYPE NULL ARE absent + -- Private key format not in this module -- +-- CERT-KEY-USAGE {digitalSignature, nonRepudiation, +-- keyEncipherment, dataEncipherment, keyCertSign, cRLSign} +-- } + + rsaEncryption OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) + pkcs-1(1) 1 } + + RSAPublicKey ::= SEQUENCE { + modulus INTEGER, -- n + publicExponent INTEGER -- e + } + +-- Wireshark additions to ensure compatibility with the original PKCS1.asn + +RSAPrivateKey ::= SEQUENCE { + version Version, + modulus INTEGER, -- n + publicExponent INTEGER, -- e + privateExponent INTEGER, -- d + prime1 INTEGER, -- p + prime2 INTEGER, -- q + exponent1 INTEGER, -- d mod (p-1) + exponent2 INTEGER, -- d mod (q-1) + coefficient INTEGER -- (inverse of q) mod p +} + +Version ::= INTEGER + +DigestInfo ::= SEQUENCE { + digestAlgorithm DigestAlgorithmIdentifier, + digest Digest +} + +DigestAlgorithmIdentifier ::= AlgorithmIdentifier + +Digest ::= OCTET STRING + +-- End of Wireshark additions + + -- DSA PK Algorithm, Parameters, and Keys + +-- pk-dsa PUBLIC-KEY ::= { +-- IDENTIFIER id-dsa +-- KEY DSAPublicKey +-- PARAMS TYPE DSA-Params ARE inheritable + -- Private key format not in this module -- +-- CERT-KEY-USAGE { digitalSignature, nonRepudiation, keyCertSign, +-- cRLSign } +-- } + + id-dsa OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 1 } + + DSA-Params ::= SEQUENCE { + p INTEGER, + q INTEGER, + g INTEGER + } + + DSAPublicKey ::= INTEGER -- public key, y + + -- Diffie-Hellman PK Algorithm, Parameters, and Keys + +-- pk-dh PUBLIC-KEY ::= { +-- IDENTIFIER dhpublicnumber +-- KEY DHPublicKey +-- PARAMS TYPE DomainParameters ARE inheritable + -- Private key format not in this module -- +-- CERT-KEY-USAGE {keyAgreement, encipherOnly, decipherOnly } +-- } + + dhpublicnumber OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) ansi-x942(10046) + number-type(2) 1 } + + DomainParameters ::= SEQUENCE { + p INTEGER, -- odd prime, p=jq +1 + g INTEGER, -- generator, g + q INTEGER, -- factor of p-1 + j INTEGER OPTIONAL, -- subgroup factor, j>= 2 + validationParams ValidationParams OPTIONAL + } + + ValidationParams ::= SEQUENCE { + seed BIT STRING, + pgenCounter INTEGER + } + + DHPublicKey ::= INTEGER -- public key, y = g^x mod p + + -- KEA PK Algorithm and Parameters + +-- pk-kea PUBLIC-KEY ::= { +-- IDENTIFIER id-keyExchangeAlgorithm + -- key is not encoded -- +-- PARAMS TYPE KEA-Params-Id ARE required + -- Private key format not in this module -- +-- CERT-KEY-USAGE {keyAgreement, encipherOnly, decipherOnly } +-- } + + id-keyExchangeAlgorithm OBJECT IDENTIFIER ::= { + joint-iso-itu-t(2) country(16) us(840) organization(1) + gov(101) dod(2) infosec(1) algorithms(1) 22 } + + KEA-Params-Id ::= OCTET STRING + + -- Elliptic Curve (EC) Signatures: Unrestricted Algorithms + -- (Section 2.1.1 of RFC 5480) + -- + -- EC Unrestricted Algorithm ID -- -- this is used for ECDSA + +-- pk-ec PUBLIC-KEY ::= { +-- IDENTIFIER id-ecPublicKey +-- KEY ECPoint +-- PARAMS TYPE ECParameters ARE required + -- Private key format not in this module -- +-- CERT-KEY-USAGE { digitalSignature, nonRepudiation, keyAgreement, +-- keyCertSign, cRLSign } +-- } + + ECPoint ::= OCTET STRING -- see RFC 5480 for syntax and restrictions + + id-ecPublicKey OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) ansi-X9-62(10045) keyType(2) 1 } + + -- Elliptic Curve (EC) Signatures: Restricted Algorithms + -- (Section 2.1.2 of RFC 5480) + -- + -- EC Diffie-Hellman Algorithm ID + +-- pk-ecDH PUBLIC-KEY ::= { +-- IDENTIFIER id-ecDH +-- KEY ECPoint +-- PARAMS TYPE ECParameters ARE required + -- Private key format not in this module -- +-- CERT-KEY-USAGE { keyAgreement, encipherOnly, decipherOnly } +-- } + + id-ecDH OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) certicom(132) schemes(1) + ecdh(12) } + + -- EC Menezes-Qu-Vanstone Algorithm ID + +-- pk-ecMQV PUBLIC-KEY ::= { +-- IDENTIFIER id-ecMQV +-- KEY ECPoint +-- PARAMS TYPE ECParameters ARE required + -- Private key format not in this module -- +-- CERT-KEY-USAGE { keyAgreement, encipherOnly, decipherOnly } +-- } + + id-ecMQV OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) certicom(132) schemes(1) + ecmqv(13) } + + -- Parameters and Keys for both Restricted and Unrestricted EC + + ECParameters ::= CHOICE { + namedCurve --CURVE.&id({NamedCurve}) -- OBJECT IDENTIFIER + -- implicitCurve NULL + -- implicitCurve MUST NOT be used in PKIX + -- specifiedCurve SpecifiedCurve + -- specifiedCurve MUST NOT be used in PKIX + -- Details for specifiedCurve can be found in [X9.62] + -- Any future additions to this CHOICE should be coordinated + -- with ANSI X.9. + } + -- If you need to be able to decode ANSI X.9 parameter structures, + -- uncomment the implicitCurve and specifiedCurve above, and also + -- uncomment the following: + -- (WITH COMPONENTS {namedCurve PRESENT}) + + -- Sec 2.1.1.1 Named Curve + + CURVE ::= CLASS { &id OBJECT IDENTIFIER UNIQUE } + WITH SYNTAX { ID &id } + + NamedCurve CURVE ::= { + { ID secp192r1 } | { ID sect163k1 } | { ID sect163r2 } | + { ID secp224r1 } | { ID sect233k1 } | { ID sect233r1 } | + { ID secp256r1 } | { ID sect283k1 } | { ID sect283r1 } | + { ID secp384r1 } | { ID sect409k1 } | { ID sect409r1 } | + { ID secp521r1 } | { ID sect571k1 } | { ID sect571r1 }, + ... -- Extensible + } + + -- Note in [X9.62] the curves are referred to as 'ansiX9' as + -- opposed to 'sec'. For example, secp192r1 is the same curve as + -- ansix9p192r1. + + -- Note that in [PKI-ALG] the secp192r1 curve was referred to as + -- prime192v1 and the secp256r1 curve was referred to as + -- prime256v1. + + -- Note that [FIPS186-3] refers to secp192r1 as P-192, + -- secp224r1 as P-224, secp256r1 as P-256, secp384r1 as P-384, + -- and secp521r1 as P-521. + + secp192r1 OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) + prime(1) 1 } + + sect163k1 OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) certicom(132) curve(0) 1 } + + sect163r2 OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) certicom(132) curve(0) 15 } + + secp224r1 OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) certicom(132) curve(0) 33 } + + sect233k1 OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) certicom(132) curve(0) 26 } + + sect233r1 OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) certicom(132) curve(0) 27 } + + secp256r1 OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) + prime(1) 7 } + + sect283k1 OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) certicom(132) curve(0) 16 } + + sect283r1 OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) certicom(132) curve(0) 17 } + + secp384r1 OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) certicom(132) curve(0) 34 } + + sect409k1 OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) certicom(132) curve(0) 36 } + + sect409r1 OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) certicom(132) curve(0) 37 } + + secp521r1 OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) certicom(132) curve(0) 35 } + + sect571k1 OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) certicom(132) curve(0) 38 } + + sect571r1 OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) certicom(132) curve(0) 39 } + + -- RSA with MD-2 + +-- sa-rsaWithMD2 SIGNATURE-ALGORITHM ::= { +-- IDENTIFIER md2WithRSAEncryption +-- PARAMS TYPE NULL ARE required +-- HASHES { mda-md2 } +-- PUBLIC-KEYS { pk-rsa } +-- SMIME-CAPS { IDENTIFIED BY md2WithRSAEncryption } +-- } + + md2WithRSAEncryption OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) + pkcs-1(1) 2 } + + -- RSA with MD-5 + +-- sa-rsaWithMD5 SIGNATURE-ALGORITHM ::= { +-- IDENTIFIER md5WithRSAEncryption +-- PARAMS TYPE NULL ARE required +-- HASHES { mda-md5 } +-- PUBLIC-KEYS { pk-rsa } +-- SMIME-CAPS { IDENTIFIED BY md5WithRSAEncryption } +-- } + + md5WithRSAEncryption OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) + pkcs-1(1) 4 } + + -- RSA with SHA-1 + +-- sa-rsaWithSHA1 SIGNATURE-ALGORITHM ::= { +-- IDENTIFIER sha1WithRSAEncryption +-- PARAMS TYPE NULL ARE required +-- HASHES { mda-sha1 } +-- PUBLIC-KEYS { pk-rsa } +-- SMIME-CAPS {IDENTIFIED BY sha1WithRSAEncryption } +-- } + + sha1WithRSAEncryption OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) + pkcs-1(1) 5 } + + -- DSA with SHA-1 + +-- sa-dsaWithSHA1 SIGNATURE-ALGORITHM ::= { +-- IDENTIFIER dsa-with-sha1 +-- VALUE DSA-Sig-Value +-- PARAMS TYPE NULL ARE absent +-- HASHES { mda-sha1 } +-- PUBLIC-KEYS { pk-dsa } +-- SMIME-CAPS { IDENTIFIED BY dsa-with-sha1 } +-- } + + dsa-with-sha1 OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 3 } + + -- DSA with SHA-224 + +-- sa-dsaWithSHA224 SIGNATURE-ALGORITHM ::= { +-- IDENTIFIER dsa-with-sha224 +-- VALUE DSA-Sig-Value +-- PARAMS TYPE NULL ARE absent +-- HASHES { mda-sha224 } +-- PUBLIC-KEYS { pk-dsa } +-- SMIME-CAPS { IDENTIFIED BY dsa-with-sha224 } +-- } + + dsa-with-sha224 OBJECT IDENTIFIER ::= { + joint-iso-ccitt(2) country(16) us(840) organization(1) gov(101) + csor(3) algorithms(4) id-dsa-with-sha2(3) 1 } + + -- DSA with SHA-256 + +-- sa-dsaWithSHA256 SIGNATURE-ALGORITHM ::= { +-- IDENTIFIER dsa-with-sha256 +-- VALUE DSA-Sig-Value +-- PARAMS TYPE NULL ARE absent +-- HASHES { mda-sha256 } +-- PUBLIC-KEYS { pk-dsa } +-- SMIME-CAPS { IDENTIFIED BY dsa-with-sha256 } +-- } + + dsa-with-sha256 OBJECT IDENTIFIER ::= { + joint-iso-ccitt(2) country(16) us(840) organization(1) gov(101) + csor(3) algorithms(4) id-dsa-with-sha2(3) 2 } + + -- ECDSA with SHA-1 + +-- sa-ecdsaWithSHA1 SIGNATURE-ALGORITHM ::= { +-- IDENTIFIER ecdsa-with-SHA1 +-- VALUE ECDSA-Sig-Value +-- PARAMS TYPE NULL ARE absent +-- HASHES { mda-sha1 } +-- PUBLIC-KEYS { pk-ec } +-- SMIME-CAPS {IDENTIFIED BY ecdsa-with-SHA1 } +-- } + + ecdsa-with-SHA1 OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) ansi-X9-62(10045) + signatures(4) 1 } + + -- ECDSA with SHA-224 + +-- sa-ecdsaWithSHA224 SIGNATURE-ALGORITHM ::= { +-- IDENTIFIER ecdsa-with-SHA224 +-- VALUE ECDSA-Sig-Value +-- PARAMS TYPE NULL ARE absent +-- HASHES { mda-sha224 } +-- PUBLIC-KEYS { pk-ec } +-- SMIME-CAPS { IDENTIFIED BY ecdsa-with-SHA224 } +-- } + + ecdsa-with-SHA224 OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) + ecdsa-with-SHA2(3) 1 } + + -- ECDSA with SHA-256 + +-- sa-ecdsaWithSHA256 SIGNATURE-ALGORITHM ::= { +-- IDENTIFIER ecdsa-with-SHA256 +-- VALUE ECDSA-Sig-Value +-- PARAMS TYPE NULL ARE absent +-- HASHES { mda-sha256 } +-- PUBLIC-KEYS { pk-ec } +-- SMIME-CAPS { IDENTIFIED BY ecdsa-with-SHA256 } +-- } + + ecdsa-with-SHA256 OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) + ecdsa-with-SHA2(3) 2 } + + -- ECDSA with SHA-384 + +-- sa-ecdsaWithSHA384 SIGNATURE-ALGORITHM ::= { +-- IDENTIFIER ecdsa-with-SHA384 +-- VALUE ECDSA-Sig-Value +-- PARAMS TYPE NULL ARE absent +-- HASHES { mda-sha384 } +-- PUBLIC-KEYS { pk-ec } +-- SMIME-CAPS { IDENTIFIED BY ecdsa-with-SHA384 } +-- } + + ecdsa-with-SHA384 OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) + ecdsa-with-SHA2(3) 3 } + + -- ECDSA with SHA-512 + +-- sa-ecdsaWithSHA512 SIGNATURE-ALGORITHM ::= { +-- IDENTIFIER ecdsa-with-SHA512 +-- VALUE ECDSA-Sig-Value +-- PARAMS TYPE NULL ARE absent +-- HASHES { mda-sha512 } +-- PUBLIC-KEYS { pk-ec } +-- SMIME-CAPS { IDENTIFIED BY ecdsa-with-SHA512 } +-- } + + ecdsa-with-SHA512 OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) + ecdsa-with-SHA2(3) 4 } + + -- + -- Signature Values + -- + + -- DSA + + DSA-Sig-Value ::= SEQUENCE { + r INTEGER, + s INTEGER + } + + -- ECDSA + + ECDSA-Sig-Value ::= SEQUENCE { + r INTEGER, + s INTEGER + } + + -- + -- Message Digest Algorithms (mda-) + -- + + HashAlgs DIGEST-ALGORITHM ::= { + mda-md2 | + mda-md5 | + mda-sha1, + ... -- Extensible + } + -- MD-2 + +-- mda-md2 DIGEST-ALGORITHM ::= { +-- IDENTIFIER id-md2 +-- PARAMS TYPE NULL ARE preferredAbsent +-- } + + id-md2 OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) rsadsi(113549) + digestAlgorithm(2) 2 } + + -- MD-5 + +-- mda-md5 DIGEST-ALGORITHM ::= { +-- IDENTIFIER id-md5 +-- PARAMS TYPE NULL ARE preferredAbsent +-- } + + id-md5 OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) rsadsi(113549) + digestAlgorithm(2) 5 } + + -- SHA-1 + +-- mda-sha1 DIGEST-ALGORITHM ::= { +-- IDENTIFIER id-sha1 +-- PARAMS TYPE NULL ARE preferredAbsent +-- } + + id-sha1 OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) oiw(14) secsig(3) + algorithm(2) 26 } + + END diff --git a/asn1/pkcs1/packet-pkcs1-template.c b/asn1/pkcs1/packet-pkcs1-template.c index c110bb27b1..a98cbca71b 100644 --- a/asn1/pkcs1/packet-pkcs1-template.c +++ b/asn1/pkcs1/packet-pkcs1-template.c @@ -29,6 +29,7 @@ #include <glib.h> #include <epan/packet.h> +#include <epan/oids.h> #include <epan/asn1.h> #include "packet-ber.h" @@ -73,6 +74,8 @@ void proto_register_pkcs1(void) { /*--- proto_reg_handoff_pkcs1 -------------------------------------------*/ void proto_reg_handoff_pkcs1(void) { +#include "packet-pkcs1-dis-tab.c" + register_ber_oid_dissector("1.2.840.113549.2.2", dissect_ber_oid_NULL_callback, proto_pkcs1, "md2"); register_ber_oid_dissector("1.2.840.113549.2.4", dissect_ber_oid_NULL_callback, proto_pkcs1, "md4"); register_ber_oid_dissector("1.2.840.113549.2.5", dissect_ber_oid_NULL_callback, proto_pkcs1, "md5"); @@ -88,5 +91,22 @@ void proto_reg_handoff_pkcs1(void) { */ register_ber_oid_dissector("1.2.840.113549.1.1.5", dissect_ber_oid_NULL_callback, proto_pkcs1, "shaWithRSAEncryption"); register_ber_oid_dissector("1.2.840.113549.1.1.6", dissect_ber_oid_NULL_callback, proto_pkcs1, "rsaOAEPEncryptionSET"); + + oid_add_from_string("secp192r1","1.2.840.10045.3.1.1"); + oid_add_from_string("sect163k1","1.3.132.0.1"); + oid_add_from_string("sect163r2","1.3.132.0.15"); + oid_add_from_string("secp224r1","1.3.132.0.33"); + oid_add_from_string("sect233k1","1.3.132.0.26"); + oid_add_from_string("sect233r1","1.3.132.0.27"); + oid_add_from_string("secp256r1","1.2.840.10045.3.1.7"); + oid_add_from_string("sect283k1","1.3.132.0.16"); + oid_add_from_string("sect283r1","1.3.132.0.17"); + oid_add_from_string("secp384r1","1.3.132.0.34"); + oid_add_from_string("sect409k1","1.3.132.0.36"); + oid_add_from_string("sect409r1","1.3.132.0.37"); + oid_add_from_string("sect521r1","1.3.132.0.35") +; oid_add_from_string("sect571k1","1.3.132.0.38"); + oid_add_from_string("sect571r1","1.3.132.0.39"); + } diff --git a/asn1/pkcs1/pkcs1.cnf b/asn1/pkcs1/pkcs1.cnf index e50bddc6fd..91adbdfb85 100644 --- a/asn1/pkcs1/pkcs1.cnf +++ b/asn1/pkcs1/pkcs1.cnf @@ -17,6 +17,21 @@ DigestInfo #.FIELD_RENAME +#.REGISTER +DSA-Params B "1.2.840.10040.4.1" "id-dsa" +DomainParameters B "1.2.840.10046.2.1" "dhpublicnumber" +KEA-Params-Id B "2.16.840.1.101.2.1.1.22" "id-keyExchangeAlgorithm" +ECParameters B "1.2.840.10045.2.1" "id-ecPublicKey" +ECParameters B "1.3.132.1.12" "id-ecDH" +ECParameters B "1.2.840.10045.2.13" "id-ecMQV" + +#.NO_EMIT +DSAPublicKey +DHPublicKey +ECPoint +DSA-Sig-Value +ECDSA-Sig-Value + #.END |