Diffstat (limited to 'epan/dissectors/asn1/pkixqualified')
8 files changed, 530 insertions, 0 deletions
diff --git a/epan/dissectors/asn1/pkixqualified/CMakeLists.txt b/epan/dissectors/asn1/pkixqualified/CMakeLists.txt
new file mode 100644
index 0000000000..c0da0d9021
--- /dev/null
+++ b/epan/dissectors/asn1/pkixqualified/CMakeLists.txt
@@ -0,0 +1,54 @@
+# CMakeLists.txt
+#
+# Wireshark - Network traffic analyzer
+# By Gerald Combs <gerald@wireshark.org>
+# Copyright 1998 Gerald Combs
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+set( PROTOCOL_NAME pkixqualified )
+
+set( PROTO_OPT )
+
+set( EXT_ASN_FILE_LIST
+)
+
+set( ASN_FILE_LIST
+ PKIXqualified.asn
+)
+
+set( EXTRA_DIST
+ ${ASN_FILE_LIST}
+ packet-${PROTOCOL_NAME}-template.c
+ packet-${PROTOCOL_NAME}-template.h
+ ${PROTOCOL_NAME}.cnf
+)
+
+set( SRC_FILES
+ ${EXTRA_DIST}
+ ${EXT_ASN_FILE_LIST}
+)
+
+set( A2W_FLAGS -b )
+
+set( EXTRA_CNF
+ "${CMAKE_CURRENT_BINARY_DIR}/../x509af/x509af-exp.cnf"
+ "${CMAKE_CURRENT_BINARY_DIR}/../x509ce/x509ce-exp.cnf"
+ "${CMAKE_CURRENT_BINARY_DIR}/../x509sat/x509sat-exp.cnf"
+)
+
+ASN2WRS()
+
diff --git a/epan/dissectors/asn1/pkixqualified/Makefile.am b/epan/dissectors/asn1/pkixqualified/Makefile.am
new file mode 100644
index 0000000000..72d28e600b
--- /dev/null
+++ b/epan/dissectors/asn1/pkixqualified/Makefile.am
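Review bot: `EXTRA_CNF` in CMakeLists.txt points at three export files in sibling build directories (`../x509af`, `../x509ce`, `../x509sat`), and nothing in this file says what produces them or guarantees they exist before `ASN2WRS()` runs. Makefile.common in the same commit carries explicit rules for the same three paths, so the two build systems are not visibly equivalent; whether the ASN2WRS macro adds the dependency is not shown on this page. A comment above `set( EXTRA_CNF` such as `# Exports generated in the x509af/x509ce/x509sat build directories; ASN2WRS() must order this target after them` would record the assumption.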
@@ -0,0 +1,23 @@
+# Wireshark - Network traffic analyzer
+# By Gerald Combs <gerald@wireshark.org>
+# Copyright 1998 Gerald Combs
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+
+include ../Makefile.preinc
+include Makefile.common
+include ../Makefile.inc
+
diff --git a/epan/dissectors/asn1/pkixqualified/Makefile.common b/epan/dissectors/asn1/pkixqualified/Makefile.common
new file mode 100644
index 0000000000..b99c4047d7
--- /dev/null
+++ b/epan/dissectors/asn1/pkixqualified/Makefile.common
@@ -0,0 +1,55 @@
+# Wireshark - Network traffic analyzer
+# By Gerald Combs <gerald@wireshark.org>
+# Copyright 1998 Gerald Combs
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+
+PROTOCOL_NAME=pkixqualified
+
+EXT_ASN_FILE_LIST =
+
+ASN_FILE_LIST = \
+ PKIXqualified.asn
+
+# The packet-$(PROTOCOL_NAME)-template.h and $(PROTOCOL_NAME).asn
+# files do not exist for all protocols: Please add/remove as required.
+EXTRA_DIST = \
+ $(EXTRA_DIST_COMMON) \
+ $(ASN_FILE_LIST) \
+ packet-$(PROTOCOL_NAME)-template.c \
+ packet-$(PROTOCOL_NAME)-template.h \
+ $(PROTOCOL_NAME).cnf
+
+SRC_FILES = \
+ $(EXTRA_DIST) \
+ $(EXT_ASN_FILE_LIST)
+
+A2W_FLAGS= -b
+
+EXTRA_CNF= \
+ $(builddir)/../x509af/x509af-exp.cnf \
+ $(builddir)/../x509ce/x509ce-exp.cnf \
+ $(builddir)/../x509sat/x509sat-exp.cnf
+
+$(builddir)/../x509af/x509af-exp.cnf:
+ (cd $(builddir)/../x509af && $(MAKE_CNF_EXPORT))
+
+$(builddir)/../x509ce/x509ce-exp.cnf:
+ (cd $(builddir)/../x509ce && $(MAKE_CNF_EXPORT))
+
+$(builddir)/../x509sat/x509sat-exp.cnf:
+ (cd $(builddir)/../x509sat && $(MAKE_CNF_EXPORT))
+
diff --git a/epan/dissectors/asn1/pkixqualified/Makefile.nmake b/epan/dissectors/asn1/pkixqualified/Makefile.nmake
new file mode 100644
index 0000000000..d296638ddd
--- /dev/null
+++ b/epan/dissectors/asn1/pkixqualified/Makefile.nmake
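Review bot: The three `-exp.cnf` rules at the end of Makefile.common have no prerequisites, so make runs the recipe only when the export file is missing and never regenerates it after the x509af, x509ce or x509sat sources change. A stale export would then be fed to asn2wrs without any warning. What `$(MAKE_CNF_EXPORT)` expands to is defined outside this hunk, so if real prerequisites cannot be named here, at least add a comment above the rules, for example `# No prerequisites: these exports are rebuilt only when the file does not exist`.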
@@ -0,0 +1,26 @@
+## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake
+#
+# Wireshark - Network traffic analyzer
+# By Gerald Combs <gerald@wireshark.org>
+# Copyright 1998 Gerald Combs
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+
+include ../../../../config.nmake
+include ../Makefile.preinc.nmake
+include Makefile.common
+include ../Makefile.inc.nmake
+
diff --git a/epan/dissectors/asn1/pkixqualified/PKIXqualified.asn b/epan/dissectors/asn1/pkixqualified/PKIXqualified.asn
new file mode 100644
index 0000000000..50c3200b8d
--- /dev/null
+++ b/epan/dissectors/asn1/pkixqualified/PKIXqualified.asn
@@ -0,0 +1,224 @@
+-- This ASN definition is taken from (and modified to pass through asn2wrs)
+-- RFC3739
+--
+-- RFC3739 contains the followin copyright statements:
+--
+-- Full Copyright Statement
+--
+-- Copyright (C) The Internet Society (2004). This document is subject
+-- to the rights, licenses and restrictions contained in BCP 78 and
+-- except as set forth therein, the authors retain all their rights.
+--
+-- This document and the information contained herein are provided on an
+-- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
+-- REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE
+-- INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR
+-- IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
+-- THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
+-- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+--
+-- Intellectual Property
+--
+-- The IETF takes no position regarding the validity or scope of any
+-- Intellectual Property Rights or other rights that might be claimed
+-- to pertain to the implementation or use of the technology
+-- described in this document or the extent to which any license
+-- under such rights might or might not be available; nor does it
+-- represent that it has made any independent effort to identify any
+-- such rights. Information on the procedures with respect to
+-- rights in RFC documents can be found in BCP 78 and BCP 79.
+--
+-- Copies of IPR disclosures made to the IETF Secretariat and any
+-- assurances of licenses to be made available, or the result of an
+-- attempt made to obtain a general license or permission for the use
+-- of such proprietary rights by implementers or users of this
+-- specification can be obtained from the IETF on-line IPR repository
+-- at http://www.ietf.org/ipr.
+--
+-- The IETF invites any interested party to bring to its attention
+-- any copyrights, patents or patent applications, or other
+-- proprietary rights that may cover technology that may be required
+-- to implement this standard. Please address the information to the
+-- IETF at ietf-ipr@ietf.org.
+--
+-- Acknowledgement
+--
+-- Funding for the RFC Editor function is currently provided by the
+-- Internet Society.
+--
+
+
+ PKIXqualified97 {iso(1) identified-organization(3) dod(6)
+ internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
+ id-mod-qualified-cert-97(35) }
+
+ DEFINITIONS EXPLICIT TAGS ::=
+
+ BEGIN
+
+ -- EXPORTS ALL --
+
+ IMPORTS
+
+ informationFramework, certificateExtensions, selectedAttributeTypes,
+ authenticationFramework, upperBounds, id-at
+ FROM UsefulDefinitions {joint-iso-itu-t(2) ds(5) module(1)
+ usefulDefinitions(0) 3 }
+
+ ub-name
+ FROM UpperBounds upperBounds
+
+ GeneralName
+ FROM CertificateExtensions certificateExtensions
+
+ ATTRIBUTE, AttributeType
+ FROM InformationFramework informationFramework
+
+ DirectoryString
+ FROM SelectedAttributeTypes selectedAttributeTypes
+
+ AlgorithmIdentifier, Extension, EXTENSION
+ FROM AuthenticationFramework authenticationFramework
+
+ id-pkix, id-pe
+ FROM PKIX1Explicit88 { iso(1) identified-organization(3) dod(6)
+ internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
+ id-pkix1-explicit(18) };
+
+ -- Locally defined OIDs
+
+ -- Arc for QC personal data attributes
+-- id-pda OBJECT IDENTIFIER ::= { id-pkix 9 }
+
+ -- Arc for QC statements
+-- id-qcs OBJECT IDENTIFIER ::= { id-pkix 11 }
+
+ -- Personal data attributes
+
+-- id-pda-dateOfBirth AttributeType ::= { id-pda 1 }
+-- id-pda-placeOfBirth AttributeType ::= { id-pda 2 }
+-- id-pda-gender AttributeType ::= { id-pda 3 }
+-- id-pda-countryOfCitizenship AttributeType ::= { id-pda 4 }
+-- id-pda-countryOfResidence AttributeType ::= { id-pda 5 }
+
+ -- Certificate extensions
+
+-- id-pe-biometricInfo OBJECT IDENTIFIER ::= { id-pe 2 }
+-- id-pe-qcStatements OBJECT IDENTIFIER ::= { id-pe 3 }
+
+ -- QC statements
+
+-- id-qcs-pkixQCSyntax-v1 OBJECT IDENTIFIER ::= { id-qcs 1 }
+-- id-qcs-pkixQCSyntax-v2 OBJECT IDENTIFIER ::= { id-qcs 2 }
+
+Generalizedtime ::= GeneralizedTime
+
+Directorystring ::= DirectoryString
+
+Printablestring ::= PrintableString
+
+ -- Personal data attributes
+--
+-- dateOfBirth ATTRIBUTE ::= {
+-- WITH SYNTAX GeneralizedTime
+-- ID id-pda-dateOfBirth }
+--
+-- placeOfBirth ATTRIBUTE ::= {
+-- WITH SYNTAX DirectoryString {ub-name}
+-- ID id-pda-placeOfBirth }
+--
+-- gender ATTRIBUTE ::= {
+-- WITH SYNTAX PrintableString (SIZE(1) ^ FROM("M"|"F"|"m"|"f"))
+-- ID id-pda-gender }
+--
+-- countryOfCitizenship ATTRIBUTE ::= {
+-- WITH SYNTAX PrintableString (SIZE (2))
+-- (CONSTRAINED BY { })
+-- ID id-pda-countryOfCitizenship }
+--
+-- countryOfResidence ATTRIBUTE ::= {
+-- WITH SYNTAX PrintableString (SIZE (2))
+-- (CONSTRAINED BY { })
+-- ID id-pda-countryOfResidence }
+--
+ -- Certificate extensions
+
+ -- Biometric info extension
+--
+-- biometricInfo EXTENSION ::= {
+-- SYNTAX BiometricSyntax
+-- IDENTIFIED BY id-pe-biometricInfo }
+
+ BiometricSyntax ::= SEQUENCE OF BiometricData
+
+ BiometricData ::= SEQUENCE {
+ typeOfBiometricData TypeOfBiometricData,
+ hashAlgorithm AlgorithmIdentifier,
+ biometricDataHash OCTET STRING,
+ sourceDataUri IA5String OPTIONAL,
+ ... }
+
+ TypeOfBiometricData ::= CHOICE {
+ predefinedBiometricType PredefinedBiometricType,
+ biometricDataOid OBJECT IDENTIFIER }
+
+ PredefinedBiometricType ::= INTEGER {
+ picture(0), handwritten-signature(1)}
+
+
+ -- QC Statements Extension
+ -- NOTE: This extension does not allow to mix critical and
+ -- non-critical Qualified Certificate Statements. Either all
+ -- statements must be critical or all statements must be
+ -- non-critical.
+--
+-- qcStatements EXTENSION ::= {
+-- SYNTAX QCStatements
+-- IDENTIFIED BY id-pe-qcStatements }
+
+ QCStatements ::= SEQUENCE OF QCStatement
+
+ QCStatement ::= SEQUENCE {
+ statementId OBJECT IDENTIFIER,
+ statementInfo ANY OPTIONAL }
+
+-- QC-STATEMENT ::= CLASS {
+-- &id OBJECT IDENTIFIER UNIQUE,
+-- &Type OPTIONAL }
+-- WITH SYNTAX {
+-- [SYNTAX &Type] IDENTIFIED BY &id }
+
+-- qcStatement-1 QC-STATEMENT ::= { SYNTAX SemanticsInformation
+-- IDENTIFIED BY id-qcs-pkixQCSyntax-v1}
+ -- This statement identifies conformance with requirements
+ -- defined in RFC 3039 (Version 1). This statement
+ -- may optionally contain additional semantics information
+ -- as specified below.
+
+-- qcStatement-2 QC-STATEMENT ::= { SYNTAX SemanticsInformation
+-- IDENTIFIED BY id-qcs-pkixQCSyntax-v2}
+ -- This statement identifies conformance with requirements
+ -- defined in this Qualified Certificate profile
+ -- (Version 2). This statement may optionally contain
+ -- additional semantics information as specified below.
+
+ SemanticsInformation ::= SEQUENCE {
+ semanticsIdentifier OBJECT IDENTIFIER OPTIONAL,
+ nameRegistrationAuthorities NameRegistrationAuthorities OPTIONAL
+ }
+
+ NameRegistrationAuthorities ::= SEQUENCE OF GeneralName
+
+ -- The following information object set is defined to constrain the
+ -- set of attributes applications are required to recognize as QCSs.
+-- SupportedStatements QC-STATEMENT ::= {
+-- qcStatement-1 |
+-- qcStatement-2 , ... }
+
+-- RFC 3920 added
+
+ XmppAddr ::= UTF8String
+
+ END
+
+
diff --git a/epan/dissectors/asn1/pkixqualified/packet-pkixqualified-template.c b/epan/dissectors/asn1/pkixqualified/packet-pkixqualified-template.c
new file mode 100644
index 0000000000..257bfb6778
--- /dev/null
+++ b/epan/dissectors/asn1/pkixqualified/packet-pkixqualified-template.c
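Review bot: The header of PKIXqualified.asn says the module was "modified to pass through asn2wrs" but does not list the modifications, and they affect what the resulting grammar constrains. The ATTRIBUTE, EXTENSION and QC-STATEMENT definitions are commented out and replaced by unconstrained aliases (`Generalizedtime`, `Directorystring`, `Printablestring`), so the `SIZE (2)` and `SIZE(1) ^ FROM(...)` limits on the country and gender attributes are no longer part of the grammar, and `XmppAddr` is appended under a bare `-- RFC 3920 added`. Out-of-profile values in these attributes will presumably be displayed without being flagged, which matters to anyone reading a capture; a short comment above the aliases, e.g. `-- Unconstrained aliases for asn2wrs; RFC 3739 size/alphabet constraints are not enforced`, would say so. `followin` in the copyright header is a typo for `following`.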
@@ -0,0 +1,82 @@
+/* packet-pkixqualified.c
+ * Routines for RFC3739 PKIXqualified packet dissection
+ * Ronnie Sahlberg 2004
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#include "config.h"
+
+#include <epan/packet.h>
+#include <epan/asn1.h>
+
+#include "packet-ber.h"
+#include "packet-pkixqualified.h"
+#include "packet-x509af.h"
+#include "packet-x509ce.h"
+#include "packet-x509sat.h"
+
+#define PNAME "PKIX Qualified"
+#define PSNAME "PKIXQUALIFIED"
+#define PFNAME "pkixqualified"
+
+void proto_register_pkixqualified(void);
+void proto_reg_handoff_pkixqualified(void);
+
+
+/* Initialize the protocol and registered fields */
+static int proto_pkixqualified = -1;
+#include "packet-pkixqualified-hf.c"
+
+/* Initialize the subtree pointers */
+#include "packet-pkixqualified-ett.c"
+
+static const char *object_identifier_id;
+
+#include "packet-pkixqualified-fn.c"
+
+
+/*--- proto_register_pkixqualified ----------------------------------------------*/
+void proto_register_pkixqualified(void) {
+
+ /* List of fields */
+ static hf_register_info hf[] = {
+#include "packet-pkixqualified-hfarr.c"
+ };
+
+ /* List of subtrees */
+ static gint *ett[] = {
+#include "packet-pkixqualified-ettarr.c"
+ };
+
+ /* Register protocol */
+ proto_pkixqualified = proto_register_protocol(PNAME, PSNAME, PFNAME);
+
+ /* Register fields and subtrees */
+ proto_register_field_array(proto_pkixqualified, hf, array_length(hf));
+ proto_register_subtree_array(ett, array_length(ett));
+
+}
+
+
+/*--- proto_reg_handoff_pkixqualified -------------------------------------------*/
+void proto_reg_handoff_pkixqualified(void) {
+#include "packet-pkixqualified-dis-tab.c"
+}
+
diff --git a/epan/dissectors/asn1/pkixqualified/packet-pkixqualified-template.h b/epan/dissectors/asn1/pkixqualified/packet-pkixqualified-template.h
new file mode 100644
index 0000000000..e7c75cd753
--- /dev/null
+++ b/epan/dissectors/asn1/pkixqualified/packet-pkixqualified-template.h
@@ -0,0 +1,30 @@
+/* packet-pkixqualified.h
+ * Routines for RFC3739 PKIXqualified packet dissection
+ * Ronnie Sahlberg 2004
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#ifndef PACKET_PKIXQUALIFIED_H
+#define PACKET_PKIXQUALIFIED_H
+
+/*#include "packet-pkixqualified-exp.h"*/
+
+#endif /* PACKET_PKIXQUALIFIED_H */
+
diff --git a/epan/dissectors/asn1/pkixqualified/pkixqualified.cnf b/epan/dissectors/asn1/pkixqualified/pkixqualified.cnf
new file mode 100644
index 0000000000..0e3315efc6
--- /dev/null
+++ b/epan/dissectors/asn1/pkixqualified/pkixqualified.cnf
@@ -0,0 +1,36 @@
+# PKIXqualified.cnf
+# PKIXqualified conformation file
+
+#.IMPORT ../x509ce/x509ce-exp.cnf
+#.IMPORT ../x509af/x509af-exp.cnf
+#.IMPORT ../x509sat/x509sat-exp.cnf
+
+#.EXPORTS
+
+#.REGISTER
+BiometricSyntax B "1.3.6.1.5.5.7.1.2" "id-pe-biometricInfo"
+QCStatements B "1.3.6.1.5.5.7.1.3" "id-pe-qcStatements"
+SemanticsInformation B "1.3.6.1.5.5.7.11.1" "id-qcs-pkixQCSyntax-v1"
+SemanticsInformation B "1.3.6.1.5.5.7.11.2" "id-qcs-pkixQCSyntax-v2"
+XmppAddr B "1.3.6.1.5.5.7.8.5" "id-on-xmppAddr"
+Generalizedtime B "1.3.6.1.5.5.7.9.1" "id-pda-dateOfBirth"
+Directorystring B "1.3.6.1.5.5.7.9.2" "id-pda-placeOfBirth"
+Printablestring B "1.3.6.1.5.5.7.9.3" "id-pda-gender"
+Printablestring B "1.3.6.1.5.5.7.9.4" "id-pda-countryOfCitizenship"
+Printablestring B "1.3.6.1.5.5.7.9.5" "id-pda-countryOfResidence"
+
+#.NO_EMIT
+
+#.TYPE_RENAME
+
+#.FIELD_RENAME
+
+#.FN_PARS QCStatement/statementId
+ FN_VARIANT = _str HF_INDEX = hf_pkixqualified_statementId VAL_PTR = &object_identifier_id
+
+#.FN_BODY QCStatement/statementInfo
+ offset=call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL);
+
+#.END
+
+
|
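Review bot: The statementInfo body in pkixqualified.cnf passes `object_identifier_id` to `call_ber_oid_callback()` unchecked, and that pointer is a file-scope `static const char *` in packet-pkixqualified-template.c that only the statementId `VAL_PTR` writes on this page. Nothing visible clears it between QCStatements or packets, so its value at the call depends on the previous field having been dissected; the generated -fn.c is not shown, so whether a stale or NULL pointer can actually reach the callback is inferred rather than demonstrated. Because the OID comes from a certificate in captured traffic, it would be safer to reset it per statement with a `#.FN_HDR QCStatement` section containing `object_identifier_id = NULL;` and to guard the call with `if (object_identifier_id)`, or to keep the OID in per-dissection state rather than a static.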