Move /asn1 to /epan/dissectors

Change-Id: I1208fe3c2ba428995526f561e8f792b8d871e9a9
Reviewed-on: https://code.wireshark.org/review/14388
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: João Valverde <j@v6e.pt>

8 files changed, 538 insertions, 0 deletions

diff --git a/epan/dissectors/asn1/pkixac/CMakeLists.txt b/epan/dissectors/asn1/pkixac/CMakeLists.txt
new file mode 100644
index 0000000000..70d87940bb
--- /dev/null
+++ b/epan/dissectors/asn1/pkixac/CMakeLists.txt
@@ -0,0 +1,55 @@
+# CMakeLists.txt
+#
+# Wireshark - Network traffic analyzer
+# By Gerald Combs <gerald@wireshark.org>
+# Copyright 1998 Gerald Combs
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+set( PROTOCOL_NAME pkixac )
+
+set( PROTO_OPT )
+
+set( EXT_ASN_FILE_LIST
+)
+
+set( ASN_FILE_LIST
+	PKIXAttributeCertificate.asn
+)
+
+set( EXTRA_DIST
+	${ASN_FILE_LIST}
+	packet-${PROTOCOL_NAME}-template.c
+	packet-${PROTOCOL_NAME}-template.h
+	${PROTOCOL_NAME}.cnf
+)
+
+set( SRC_FILES
+	${EXTRA_DIST}
+	${EXT_ASN_FILE_LIST}
+)
+
+set( A2W_FLAGS -b )
+
+set( EXTRA_CNF
+	../pkix1explicit/pkix1explicit_exp.cnf
+	../pkix1implicit/pkix1implicit_exp.cnf
+	"${CMAKE_CURRENT_BINARY_DIR}/../x509af/x509af-exp.cnf"
+	"${CMAKE_CURRENT_BINARY_DIR}/../x509ce/x509ce-exp.cnf"
+)
+
+ASN2WRS()
+
diff --git a/epan/dissectors/asn1/pkixac/Makefile.am b/epan/dissectors/asn1/pkixac/Makefile.am
new file mode 100644
index 0000000000..72d28e600b
--- /dev/null
+++ b/epan/dissectors/asn1/pkixac/Makefile.am
@@ -0,0 +1,23 @@
+# Wireshark - Network traffic analyzer
+# By Gerald Combs <gerald@wireshark.org>
+# Copyright 1998 Gerald Combs
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+
+include ../Makefile.preinc
+include Makefile.common
+include ../Makefile.inc
+
diff --git a/epan/dissectors/asn1/pkixac/Makefile.common b/epan/dissectors/asn1/pkixac/Makefile.common
new file mode 100644
index 0000000000..422894cc1b
--- /dev/null
+++ b/epan/dissectors/asn1/pkixac/Makefile.common
@@ -0,0 +1,53 @@
+# Wireshark - Network traffic analyzer
+# By Gerald Combs <gerald@wireshark.org>
+# Copyright 1998 Gerald Combs
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+
+PROTOCOL_NAME=pkixac
+
+EXT_ASN_FILE_LIST =
+
+ASN_FILE_LIST = \
+	PKIXAttributeCertificate.asn
+
+# The packet-$(PROTOCOL_NAME)-template.h and $(PROTOCOL_NAME).asn
+# files do not exist for all protocols: Please add/remove as required.
+EXTRA_DIST = \
+	$(EXTRA_DIST_COMMON) \
+	$(ASN_FILE_LIST) \
+	packet-$(PROTOCOL_NAME)-template.c \
+	packet-$(PROTOCOL_NAME)-template.h \
+	$(PROTOCOL_NAME).cnf
+
+SRC_FILES = \
+	$(EXTRA_DIST) \
+	$(EXT_ASN_FILE_LIST)
+
+A2W_FLAGS= -b
+
+EXTRA_CNF= \
+	$(builddir)/../pkix1explicit/pkix1explicit_exp.cnf \
+	$(builddir)/../pkix1implicit/pkix1implicit_exp.cnf \
+	$(builddir)/../x509af/x509af-exp.cnf \
+	$(builddir)/../x509ce/x509ce-exp.cnf
+
+$(builddir)/../x509af/x509af-exp.cnf:
+	(cd $(builddir)/../x509af && $(MAKE_CNF_EXPORT))
+
+$(builddir)/../x509ce/x509ce-exp.cnf:
+	(cd $(builddir)/../x509ce && $(MAKE_CNF_EXPORT))
+
diff --git a/epan/dissectors/asn1/pkixac/Makefile.nmake b/epan/dissectors/asn1/pkixac/Makefile.nmake
new file mode 100644
index 0000000000..d296638ddd
--- /dev/null
+++ b/epan/dissectors/asn1/pkixac/Makefile.nmake
@@ -0,0 +1,26 @@
+## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake
+#
+# Wireshark - Network traffic analyzer
+# By Gerald Combs <gerald@wireshark.org>
+# Copyright 1998 Gerald Combs
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+
+include ../../../../config.nmake
+include ../Makefile.preinc.nmake
+include Makefile.common
+include ../Makefile.inc.nmake
+
diff --git a/epan/dissectors/asn1/pkixac/PKIXAttributeCertificate.asn b/epan/dissectors/asn1/pkixac/PKIXAttributeCertificate.asn
new file mode 100644
index 0000000000..5a99c7ddb1
--- /dev/null
+++ b/epan/dissectors/asn1/pkixac/PKIXAttributeCertificate.asn
@@ -0,0 +1,200 @@
+PKIXAttributeCertificate {iso(1) identified-organization(3) dod(6)
+          internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
+          id-mod-attribute-cert(12)}
+
+DEFINITIONS IMPLICIT TAGS ::=
+
+BEGIN
+
+-- EXPORTS ALL --
+
+IMPORTS
+
+      -- IMPORTed module OIDs MAY change if [PKIXPROF] changes
+      -- PKIX Certificate Extensions
+         Attribute, AlgorithmIdentifier, CertificateSerialNumber,
+         Extensions, UniqueIdentifier,
+         id-pkix, id-pe, id-kp, id-ad, id-at
+         FROM PKIX1Explicit88 {iso(1) identified-organization(3)
+                  dod(6) internet(1) security(5) mechanisms(5)
+                  pkix(7) id-mod(0) id-pkix1-explicit-88(1)}
+
+         GeneralName, GeneralNames, id-ce
+         FROM CertificateExtensions {joint-iso-itu-t ds(5) module(1)
+                  certificateExtensions(26) 5} ;
+--         FROM PKIX1Implicit88 {iso(1) identified-organization(3)
+--                  dod(6) internet(1) security(5) mechanisms(5)
+--                  pkix(7) id-mod(0) id-pkix1-implicit-88(2)} ;
+
+id-pe-ac-auditIdentity       OBJECT IDENTIFIER ::= { id-pe 4 }
+id-pe-aaControls             OBJECT IDENTIFIER ::= { id-pe 6 }
+id-pe-ac-proxying            OBJECT IDENTIFIER ::= { id-pe 10 }
+id-ce-targetInformation      OBJECT IDENTIFIER ::= { id-ce 55 }
+
+id-aca                       OBJECT IDENTIFIER ::= { id-pkix 10 }
+id-aca-authenticationInfo    OBJECT IDENTIFIER ::= { id-aca 1 }
+id-aca-accessIdentity        OBJECT IDENTIFIER ::= { id-aca 2 }
+id-aca-chargingIdentity      OBJECT IDENTIFIER ::= { id-aca 3 }
+id-aca-group                 OBJECT IDENTIFIER ::= { id-aca 4 }
+-- { id-aca 5 } is reserved
+id-aca-encAttrs              OBJECT IDENTIFIER ::= { id-aca 6 }
+
+id-at-role                   OBJECT IDENTIFIER ::= { id-at 72}
+id-at-clearance              OBJECT IDENTIFIER ::=
+            { joint-iso-ccitt(2) ds(5) module(1)
+              selected-attribute-types(5) clearance (55) }
+
+       -- Uncomment this if using a 1988 level ASN.1 compiler
+       -- UTF8String ::= [UNIVERSAL 12] IMPLICIT OCTET STRING
+
+       AttributeCertificate ::= SEQUENCE {
+             acinfo               AttributeCertificateInfo,
+             signatureAlgorithm   AlgorithmIdentifier,
+             signatureValue       BIT STRING
+       }
+
+       AttributeCertificateInfo ::= SEQUENCE {
+          version        AttCertVersion,  -- version is v2
+          holder         Holder,
+          issuer         AttCertIssuer,
+          signature      AlgorithmIdentifier,
+          serialNumber   CertificateSerialNumber,
+          attrCertValidityPeriod   AttCertValidityPeriod,
+          attributes     SEQUENCE OF Attribute,
+          issuerUniqueID UniqueIdentifier OPTIONAL,
+          extensions     Extensions     OPTIONAL
+       }
+
+       AttCertVersion ::= INTEGER { v2(1) }
+
+       Holder ::= SEQUENCE {
+             baseCertificateID   [0] IssuerSerial OPTIONAL,
+                       -- the issuer and serial number of
+                       -- the holder's Public Key Certificate
+             entityName          [1] GeneralNames OPTIONAL,
+                       -- the name of the claimant or role
+             objectDigestInfo    [2] ObjectDigestInfo OPTIONAL
+                       -- used to directly authenticate the
+                       -- holder, for example, an executable
+       }
+
+       ObjectDigestInfo    ::= SEQUENCE {
+             digestedObjectType  ENUMERATED {
+                  publicKey            (0),
+                  publicKeyCert        (1),
+                  otherObjectTypes     (2) },
+                          -- otherObjectTypes MUST NOT
+                          -- MUST NOT be used in this profile
+             otherObjectTypeID   OBJECT IDENTIFIER  OPTIONAL,
+             digestAlgorithm     AlgorithmIdentifier,
+             objectDigest        BIT STRING
+       }
+
+       AttCertIssuer ::= CHOICE {
+             v1Form   GeneralNames,  -- MUST NOT be used in this
+                                     -- profile
+             v2Form   [0] V2Form     -- v2 only
+       }
+
+       V2Form ::= SEQUENCE {
+             issuerName            GeneralNames  OPTIONAL,
+             baseCertificateID     [0] IssuerSerial  OPTIONAL,
+             objectDigestInfo      [1] ObjectDigestInfo  OPTIONAL
+                -- issuerName MUST be present in this profile
+                -- baseCertificateID and objectDigestInfo MUST
+                -- NOT be present in this profile
+       }
+
+       IssuerSerial  ::=  SEQUENCE {
+             issuer         GeneralNames,
+             serial         CertificateSerialNumber,
+             issuerUID      UniqueIdentifier OPTIONAL
+       }
+
+       AttCertValidityPeriod  ::= SEQUENCE {
+             notBeforeTime  GeneralizedTime,
+             notAfterTime   GeneralizedTime
+       }
+
+       Targets ::= SEQUENCE OF Target
+
+       Target  ::= CHOICE {
+             targetName     [0] GeneralName,
+             targetGroup    [1] GeneralName,
+             targetCert     [2] TargetCert
+       }
+
+       TargetCert  ::= SEQUENCE {
+             targetCertificate  IssuerSerial,
+             targetName         GeneralName OPTIONAL,
+             certDigestInfo     ObjectDigestInfo OPTIONAL
+       }
+
+       IetfAttrSyntax ::= SEQUENCE {
+            policyAuthority[0] GeneralNames    OPTIONAL,
+            values         SEQUENCE OF CHOICE {
+                           octets    OCTET STRING,
+                           oid       OBJECT IDENTIFIER,
+                           string    UTF8String
+           }
+       }
+
+       SvceAuthInfo ::=    SEQUENCE {
+             service       GeneralName,
+             ident         GeneralName,
+             authInfo      OCTET STRING OPTIONAL
+       }
+
+       RoleSyntax ::= SEQUENCE {
+             roleAuthority  [0] GeneralNames OPTIONAL,
+             roleName       [1] GeneralName
+       }
+
+       Clearance  ::=  SEQUENCE {
+             policyId       OBJECT IDENTIFIER,
+             classList      ClassList DEFAULT {unclassified},
+             securityCategories
+                            SET OF SecurityCategory  OPTIONAL
+       }
+
+       RFC3281Clearance  ::=  SEQUENCE {
+             policyId       [0] OBJECT IDENTIFIER,
+             classList      [1] ClassList DEFAULT {unclassified},
+             securityCategories
+                            [2] SET OF SecurityCategory  OPTIONAL
+       }
+
+
+       ClassList  ::=  BIT STRING {
+             unmarked       (0),
+             unclassified   (1),
+             restricted     (2),
+             confidential   (3),
+             secret         (4),
+             topSecret      (5)
+       }
+
+       SecurityCategory ::= SEQUENCE {
+             type      [0]  IMPLICIT OBJECT IDENTIFIER,
+             value     [1]  ANY DEFINED BY type
+       }
+
+       AAControls ::= SEQUENCE {
+             pathLenConstraint INTEGER (0..MAX) OPTIONAL,
+             permittedAttrs    [0] AttrSpec OPTIONAL,
+             excludedAttrs     [1] AttrSpec OPTIONAL,
+             permitUnSpecified BOOLEAN DEFAULT TRUE
+       }
+
+       AttrSpec::= SEQUENCE OF OBJECT IDENTIFIER
+
+       ACClearAttrs ::= SEQUENCE {
+             acIssuer          GeneralName,
+             acSerial          INTEGER,
+             attrs             SEQUENCE OF Attribute
+       }
+
+       ProxyInfo ::= SEQUENCE OF Targets
+
+END
+
diff --git a/epan/dissectors/asn1/pkixac/packet-pkixac-template.c b/epan/dissectors/asn1/pkixac/packet-pkixac-template.c
new file mode 100644
index 0000000000..f48b6eec15
--- /dev/null
+++ b/epan/dissectors/asn1/pkixac/packet-pkixac-template.c
@@ -0,0 +1,86 @@
+/* packet-pkixac.c
+ *
+ * Routines for PKIXAttributeCertificate (RFC3281) packet dissection.
+ *
+ * Copyright 2010, Stig Bjorlykke <stig@bjorlykke.org>
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#include "config.h"
+
+#include <epan/packet.h>
+
+#include <epan/asn1.h>
+#include "packet-ber.h"
+#include "packet-pkixac.h"
+#include "packet-pkix1explicit.h"
+#include "packet-pkix1implicit.h"
+#include "packet-x509ce.h"
+
+#define PNAME  "PKIX Attribute Certificate"
+#define PSNAME "PKIXAC"
+#define PFNAME "pkixac"
+
+void proto_register_pkixac(void);
+void proto_reg_handoff_pkixac(void);
+
+/* Initialize the protocol and registered fields */
+static int proto_pkixac = -1;
+#include "packet-pkixac-hf.c"
+
+/* Initialize the subtree pointers */
+static gint ett_pkixac = -1;
+#include "packet-pkixac-ett.c"
+
+static const char *object_identifier_id;
+
+#include "packet-pkixac-fn.c"
+
+/*--- proto_register_pkixac ----------------------------------------------*/
+void proto_register_pkixac(void) {
+
+  /* List of fields */
+  static hf_register_info hf[] = {
+#include "packet-pkixac-hfarr.c"
+  };
+
+  /* List of subtrees */
+  static gint *ett[] = {
+	&ett_pkixac,
+#include "packet-pkixac-ettarr.c"
+  };
+
+  /* Register protocol */
+  proto_pkixac = proto_register_protocol(PNAME, PSNAME, PFNAME);
+
+  /* Register fields and subtrees */
+  proto_register_field_array(proto_pkixac, hf, array_length(hf));
+  proto_register_subtree_array(ett, array_length(ett));
+
+#include "packet-pkixac-syn-reg.c"
+
+}
+
+
+/*--- proto_reg_handoff_pkixac -------------------------------------------*/
+void proto_reg_handoff_pkixac(void) {
+#include "packet-pkixac-dis-tab.c"
+}
+
diff --git a/epan/dissectors/asn1/pkixac/packet-pkixac-template.h b/epan/dissectors/asn1/pkixac/packet-pkixac-template.h
new file mode 100644
index 0000000000..a78793cdfc
--- /dev/null
+++ b/epan/dissectors/asn1/pkixac/packet-pkixac-template.h
@@ -0,0 +1,32 @@
+/* packet-pkixac.h
+ *
+ * Routines for PKIXAttributeCertificate (RFC3281) packet dissection.
+ *
+ * Copyright 2010, Stig Bjorlykke <stig@bjorlykke.org>
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#ifndef PACKET_PKIXAC_H
+#define PACKET_PKIXAC_H
+
+/*#include "packet-pkixac-exp.h"*/
+
+#endif  /* PACKET_PKIXAC_H */
+
diff --git a/epan/dissectors/asn1/pkixac/pkixac.cnf b/epan/dissectors/asn1/pkixac/pkixac.cnf
new file mode 100644
index 0000000000..0ff6ed5262
--- /dev/null
+++ b/epan/dissectors/asn1/pkixac/pkixac.cnf
@@ -0,0 +1,63 @@
+# pkixac.cnf
+# An Internet Attribute Certificate (RFC3281) conformation file
+
+#.MODULE_IMPORT
+PKIX1Explicit88 pkix1explicit
+PKIX1Implicit88 pkix1implicit
+CertificateExtensions x509ce
+
+#.IMPORT ../pkix1explicit/pkix1explicit_exp.cnf
+#.IMPORT ../pkix1implicit/pkix1implicit_exp.cnf
+#.IMPORT ../x509ce/x509ce-exp.cnf
+
+#.OMIT_ASSIGNMENT
+ACClearAttrs
+AttributeCertificate
+AttributeCertificateInfo
+AttCertVersion
+Holder
+AttCertIssuer
+AttCertValidityPeriod
+V2Form
+
+#.EXPORTS
+
+#.PDU
+
+#.NO_EMIT
+
+#.TYPE_RENAME
+
+#.FIELD_RENAME
+
+#.SYNTAX
+Clearance
+RFC3281Clearance
+
+#.REGISTER
+AAControls              B "1.3.6.1.5.5.7.1.6" "id-pe-aaControls"
+ProxyInfo               B "1.3.6.1.5.5.7.1.10" "id-pe-ac-proxying"
+SvceAuthInfo            B "1.3.6.1.5.5.7.10.1" "id-aca-authenticationInfo"
+SvceAuthInfo            B "1.3.6.1.5.5.7.10.2" "id-aca-accessIdentity"
+IetfAttrSyntax          B "1.3.6.1.5.5.7.10.3" "id-aca-chargingIdentity"
+IetfAttrSyntax          B "1.3.6.1.5.5.7.10.4" "id-aca-group"
+Clearance		B "2.5.1.5.55" "id-at-clearance"
+Clearance		B "2.5.4.55" "id-at-clearance"
+#AttributeCertificate    B "2.5.4.58" "id-at-attributeCertificate"
+RoleSyntax		B "2.5.4.72" "id-at-role"
+Targets                 B "2.5.29.55" "id-ce-targetInformation"
+#AuthorityKeyIdentifier  B "2.5.29.35" "id-ce-authorityKeyIdentifier"
+
+#.FN_BODY  SecurityCategory
+  object_identifier_id = NULL;
+  %(DEFAULT_BODY)s
+
+#.FN_PARS  SecurityCategory/type
+   FN_VARIANT = _str VAL_PTR = &object_identifier_id
+
+#.FN_BODY  SecurityCategory/value
+   if (object_identifier_id)
+      offset = call_ber_oid_callback (object_identifier_id, tvb, offset, actx->pinfo, tree, NULL);
+
+#.END
+