1 files changed, 275 insertions, 0 deletions
diff --git a/epan/dissectors/asn1/pkcs12/pkcs12.asn b/epan/dissectors/asn1/pkcs12/pkcs12.asn
new file mode 100644
index 0000000000..b55e718b6e
--- /dev/null
+++ b/epan/dissectors/asn1/pkcs12/pkcs12.asn
@@ -0,0 +1,275 @@
+PKCS-12 {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
+                 pkcs-12(12) modules(0)  pkcs-12(1)}
+
+DEFINITIONS IMPLICIT TAGS ::=
+
+BEGIN
+
+-- EXPORTS ALL
+-- All types and values defined in this module is exported for use in
+-- other ASN.1 modules. 
+
+IMPORTS
+
+informationFramework
+        FROM UsefulDefinitions {joint-iso-itu-t(2) ds(5) module(1)
+        usefulDefinitions(0) 3}
+
+Attribute
+	FROM InformationFramework informationFramework
+
+ContentInfo, --DigestInfo-- Digest, DigestAlgorithmIdentifier
+	FROM PKCS-7 {iso(1) member-body(2) us(840) rsadsi(113549)
+	pkcs(1) pkcs-7(7) modules(0) pkcs-7(1)}
+
+--PrivateKeyInfo, EncryptedPrivateKeyInfo
+--	FROM PKCS-8 {iso(1) member-body(2) us(840) rsadsi(113549)
+--	pkcs(1) pkcs-8(8) modules(1) pkcs-8(1)}
+--
+--pkcs-9, friendlyName, localKeyId, certTypes, crlTypes
+--	FROM PKCS-9 {iso(1) member-body(2) us(840) rsadsi(113549)
+--	pkcs(1) pkcs-9(9) modules(0) pkcs-9(1) };--
+
+-- A PKCS#8 IMPORT from below
+AlgorithmIdentifier, ALGORITHM-IDENTIFIER
+        FROM PKCS-5 {iso(1) member-body(2) us(840) rsadsi(113549)
+        pkcs(1) pkcs-5(5) modules(16) pkcs-5(1)};
+
+
+-- Object identifiers
+
+--rsadsi	OBJECT IDENTIFIER ::= {iso(1) member-body(2) us(840) rsadsi(113549)}
+--pkcs    OBJECT IDENTIFIER ::= {rsadsi pkcs(1)}
+--pkcs-12	OBJECT IDENTIFIER ::= {pkcs 12}
+--pkcs-12PbeIds                  	OBJECT IDENTIFIER ::= {pkcs-12 1}
+--pbeWithSHAAnd128BitRC4          OBJECT IDENTIFIER ::= {pkcs-12PbeIds 1}
+--pbeWithSHAAnd40BitRC4           OBJECT IDENTIFIER ::= {pkcs-12PbeIds 2}
+--pbeWithSHAAnd3-KeyTripleDES-CBC	OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3}
+--pbeWithSHAAnd2-KeyTripleDES-CBC	OBJECT IDENTIFIER ::= {pkcs-12PbeIds 4}
+--pbeWithSHAAnd128BitRC2-CBC      OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5}
+--pbewithSHAAnd40BitRC2-CBC       OBJECT IDENTIFIER ::= {pkcs-12PbeIds 6}
+
+--bagtypes			OBJECT IDENTIFIER ::= {pkcs-12 10 1}
+
+-- The PFX PDU
+
+PFX ::= SEQUENCE {
+    	version		INTEGER {v3(3)}(v3,...),
+    	authSafe	ContentInfo,
+    	macData    	MacData OPTIONAL
+}
+
+MacData ::= SEQUENCE {
+    	mac 		DigestInfo,
+	macSalt	        OCTET STRING,
+	iterations	INTEGER DEFAULT 1
+-- Note: The default is for historical reasons and its use is
+-- deprecated. A higher value, like 1024 is recommended.
+}
+
+-- Imported from PKCS#7
+DigestInfo ::= SEQUENCE {
+        digestAlgorithm DigestAlgorithmIdentifier,
+        digest		Digest
+}
+
+AuthenticatedSafe ::= SEQUENCE OF ContentInfo
+	-- Data if unencrypted
+	-- EncryptedData if password-encrypted
+	-- EnvelopedData if public key-encrypted
+
+SafeContents ::= SEQUENCE OF SafeBag
+
+SafeBag ::= SEQUENCE {
+  	bagId	      	-- BAG-TYPE.&id ({PKCS12BagSet}) -- OBJECT IDENTIFIER,
+  	bagValue      	[0] EXPLICIT --BAG-TYPE.&Type({PKCS12BagSet}{@bagId}) -- ANY,
+  	bagAttributes 	SET OF PKCS12Attribute OPTIONAL
+}
+
+-- Bag types
+
+--keyBag 	  BAG-TYPE ::= 
+--	{KeyBag IDENTIFIED BY {bagtypes 1}}
+--pkcs8ShroudedKeyBag BAG-TYPE ::=
+--	{PKCS8ShroudedKeyBag IDENTIFIED BY {bagtypes 2}}
+--certBag BAG-TYPE ::= 
+--	{CertBag IDENTIFIED BY {bagtypes 3}}
+--crlBag BAG-TYPE ::=
+--	{CRLBag IDENTIFIED BY {bagtypes 4}}
+--secretBag BAG-TYPE ::=    
+--	{SecretBag IDENTIFIED BY {bagtypes 5}}
+--safeContentsBag BAG-TYPE ::=
+--	{SafeContents IDENTIFIED BY {bagtypes 6}}
+
+--PKCS12BagSet BAG-TYPE ::= {
+--	keyBag | 
+--	pkcs8ShroudedKeyBag |
+--	certBag |
+--	crlBag | 
+--	secretBag | 
+--	safeContentsBag,
+--	... - - For future extensions
+--}
+
+--BAG-TYPE ::= TYPE-IDENTIFIER
+
+-- KeyBag
+
+KeyBag ::= PrivateKeyInfo
+
+-- Shrouded KeyBag
+
+PKCS8ShroudedKeyBag ::= EncryptedPrivateKeyInfo
+
+-- CertBag
+
+CertBag ::= SEQUENCE {
+	certId    --BAG-TYPE.&id   ({CertTypes}) -- OBJECT IDENTIFIER,
+	certValue [0] EXPLICIT --BAG-TYPE.&Type ({CertTypes}{@certId})-- ANY
+}
+
+--x509Certificate BAG-TYPE ::=
+--	{OCTET STRING IDENTIFIED BY {certTypes 1}}
+	-- DER-encoded X.509 certificate stored in OCTET STRING
+--sdsiCertificate BAG-TYPE ::=
+--	{IA5String IDENTIFIED BY {certTypes 2}}
+	-- Base64-encoded SDSI certificate stored in IA5String
+
+--CertTypes BAG-TYPE ::= {
+--	x509Certificate |
+--	sdsiCertificate,
+--	... - - For future extensions
+--}
+
+-- CRLBag
+
+CRLBag ::= SEQUENCE {
+	crlId     	--BAG-TYPE.&id ({CRLTypes})-- OBJECT IDENTIFIER,
+	crlValue 	[0] EXPLICIT --BAG-TYPE.&Type ({CRLTypes}{@crlId})-- ANY
+}
+
+--x509CRL BAG-TYPE ::=
+--	{OCTET STRING IDENTIFIED BY {crlTypes 1}}
+	-- DER-encoded X.509 CRL stored in OCTET STRING
+
+--CRLTypes BAG-TYPE ::= {
+--	x509CRL,
+--	... - - For future extensions
+--}
+
+-- Secret Bag
+
+SecretBag ::= SEQUENCE {
+	secretTypeId --BAG-TYPE.&id ({SecretTypes})-- OBJECT IDENTIFIER,
+	secretValue  [0] EXPLICIT --BAG-TYPE.&Type ({SecretTypes}{@secretTypeId})-- ANY
+}
+
+--SecretTypes BAG-TYPE ::= {
+--	... - - For future extensions
+--}
+
+-- Attributes
+
+PKCS12Attribute ::= SEQUENCE {
+	attrId	   	--ATTRIBUTE.&id ({PKCS12AttrSet})-- OBJECT IDENTIFIER,
+	attrValues 	SET OF --ATTRIBUTE.&Type ({PKCS12AttrSet}{@attrId})-- ANY
+} -- This type is compatible with the X.500 type 'Attribute'
+
+--PKCS12AttrSet ATTRIBUTE ::= {
+--	friendlyName |
+--	localKeyId,
+--	... - - Other attributes are allowed
+--}
+
+--END
+
+-- We import PKCS#8 here directly rather than creating another dissector
+
+--PKCS-8 {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-8(8)
+--        modules(1) pkcs-8(1)} 
+
+-- $Revision: 1.5 $
+
+-- This module has been checked for conformance with the ASN.1
+-- standard by the OSS ASN.1 Tools
+
+--DEFINITIONS IMPLICIT TAGS ::= 
+
+--BEGIN
+
+-- EXPORTS All --
+-- All types and values defined in this module is exported for use in other
+-- ASN.1 modules.
+
+--IMPORTS
+
+--informationFramework
+--        FROM UsefulDefinitions {joint-iso-itu-t(2) ds(5) module(1)
+--                                usefulDefinitions(0) 3} 
+
+--Attribute
+--        FROM InformationFramework informationFramework
+
+--AlgorithmIdentifier, ALGORITHM-IDENTIFIER
+--        FROM PKCS-5 {iso(1) member-body(2) us(840) rsadsi(113549)
+--        pkcs(1) pkcs-5(5) modules(16) pkcs-5(1)};
+
+-- Private-key information syntax
+
+PrivateKeyInfo ::= SEQUENCE {
+  version Version,
+  privateKeyAlgorithm AlgorithmIdentifier --{{PrivateKeyAlgorithms}}--,
+  privateKey PrivateKey,
+  attributes [0] Attributes OPTIONAL }
+
+Version ::= INTEGER {v1(0)} (v1,...)
+
+PrivateKey ::= OCTET STRING
+
+Attributes ::= SET OF Attribute
+
+-- Encrypted private-key information syntax
+
+EncryptedPrivateKeyInfo ::= SEQUENCE {
+    encryptionAlgorithm AlgorithmIdentifier --{{KeyEncryptionAlgorithms}}--,
+    encryptedData EncryptedData 
+}
+
+EncryptedData ::= OCTET STRING
+
+--PrivateKeyAlgorithms ALGORITHM-IDENTIFIER ::= {
+--    ... - - For local profiles
+--}
+
+--KeyEncryptionAlgorithms ALGORITHM-IDENTIFIER ::= {
+--    ... - - For local profiles
+--}
+
+-- From RFC 2898
+PBEParameter ::= SEQUENCE {
+    salt		OCTET STRING,
+    iterationCount 	INTEGER
+}
+
+
+PBKDF2Params ::= SEQUENCE {
+    salt CHOICE {
+        specified OCTET STRING,
+	otherSource AlgorithmIdentifier --{{PBKDF2-SaltSources}}--
+	},
+    iterationCount INTEGER --(1..MAX)--,
+    keyLength INTEGER (1..MAX) OPTIONAL,
+    prf AlgorithmIdentifier --{{PBKDF2-PRFs}} DEFAULT algid-hmacWithSHA1-- OPTIONAL }
+
+PBES2Params ::= SEQUENCE {
+    keyDerivationFunc AlgorithmIdentifier --{{PBES2-KDFs}}--,
+    encryptionScheme AlgorithmIdentifier --{{PBES2-Encs}}-- }
+
+PBMAC1Params ::=  SEQUENCE {
+    keyDerivationFunc AlgorithmIdentifier --{{PBMAC1-KDFs}}--,
+    messageAuthScheme AlgorithmIdentifier --{{PBMAC1-MACs}}-- }
+
+
+END
+
+