author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 20:34:10 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 20:34:10 +0000 |
commit | e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc (patch) | |
tree | 68cb5ef9081156392f1dd62a00c6ccc1451b93df /epan/dissectors/asn1/pkix1explicit | |
parent | Initial commit. (diff) | |
Adding upstream version 4.2.2.upstream/4.2.2
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'epan/dissectors/asn1/pkix1explicit')
7 files changed, 1272 insertions, 0 deletions
diff --git a/epan/dissectors/asn1/pkix1explicit/CMakeLists.txt b/epan/dissectors/asn1/pkix1explicit/CMakeLists.txt
new file mode 100644
index 00000000..4f104f21
--- /dev/null
+++ b/epan/dissectors/asn1/pkix1explicit/CMakeLists.txt
@@ -0,0 +1,36 @@
+# CMakeLists.txt
+#
+# Wireshark - Network traffic analyzer
+# By Gerald Combs <gerald@wireshark.org>
+# Copyright 1998 Gerald Combs
+#
+# SPDX-License-Identifier: GPL-2.0-or-later
+#
+
+set( PROTOCOL_NAME pkix1explicit )
+
+set( PROTO_OPT )
+
+set( EXT_ASN_FILE_LIST
+)
+
+set( ASN_FILE_LIST
+ PKIX1EXPLICIT93.asn
+ IPAddrAndASCertExtn.asn
+)
+
+set( EXTRA_DIST
+ ${ASN_FILE_LIST}
+ packet-${PROTOCOL_NAME}-template.c
+ packet-${PROTOCOL_NAME}-template.h
+ ${PROTOCOL_NAME}.cnf
+)
+
+set( SRC_FILES
+ ${EXTRA_DIST}
+ ${EXT_ASN_FILE_LIST}
+)
+
+set( A2W_FLAGS -b )
+
+ASN2WRS()
diff --git a/epan/dissectors/asn1/pkix1explicit/IPAddrAndASCertExtn.asn b/epan/dissectors/asn1/pkix1explicit/IPAddrAndASCertExtn.asn
new file mode 100644
index 00000000..fd4ae88b
--- /dev/null
+++ b/epan/dissectors/asn1/pkix1explicit/IPAddrAndASCertExtn.asn
@@ -0,0 +1,71 @@
+-- RFC 3779 X.509 Extensions for IP Addr and AS ID June 2004
+--
+ IPAddrAndASCertExtn { iso(1) identified-organization(3) dod(6)
+ internet(1) security(5) mechanisms(5) pkix(7) mod(0)
+ id-mod-ip-addr-and-as-ident(30) }
+ DEFINITIONS EXPLICIT TAGS ::=
+ BEGIN
+ -- Copyright (C) The Internet Society (2004). This --
+ -- version of this ASN.1 module is part of RFC 3779; --
+ -- see the RFC itself for full legal notices. --
+
+ -- EXPORTS ALL --
+
+ IMPORTS
+
+ -- PKIX specific OIDs and arcs --
+ id-pe FROM PKIX1Explicit88 { iso(1) identified-organization(3)
+ dod(6) internet(1) security(5) mechanisms(5) pkix(7)
+ id-mod(0) id-pkix1-explicit(18) };
+
+ -- IP Address Delegation Extension OID --
+
+ id-pe-ipAddrBlocks OBJECT IDENTIFIER ::= { id-pe 7 }
+
+ -- IP Address Delegation Extension Syntax --
+
+ IPAddrBlocks ::= SEQUENCE OF IPAddressFamily
+
+ IPAddressFamily ::= SEQUENCE { -- AFI & opt SAFI --
+ addressFamily OCTET STRING (SIZE (2..3)),
+ ipAddressChoice IPAddressChoice }
+
+ IPAddressChoice ::= CHOICE {
+ inherit NULL, -- inherit from issuer --
+ addressesOrRanges SEQUENCE OF IPAddressOrRange }
+
+ IPAddressOrRange ::= CHOICE {
+ addressPrefix IPAddress,
+ addressRange IPAddressRange }
+
+ IPAddressRange ::= SEQUENCE {
+ min IPAddress,
+ max IPAddress }
+
+ IPAddress ::= BIT STRING
+
+ -- Autonomous System Identifier Delegation Extension OID --
+
+ id-pe-autonomousSysIds OBJECT IDENTIFIER ::= { id-pe 8 }
+
+ -- Autonomous System Identifier Delegation Extension Syntax --
+
+ ASIdentifiers ::= SEQUENCE {
+ asnum [0] ASIdentifierChoice OPTIONAL,
+ rdi [1] ASIdentifierChoice OPTIONAL }
+
+ ASIdentifierChoice ::= CHOICE {
+ inherit NULL, -- inherit from issuer --
+ asIdsOrRanges SEQUENCE OF ASIdOrRange }
+
+ ASIdOrRange ::= CHOICE {
+ id ASId,
+ range ASRange }
+
+ ASRange ::= SEQUENCE {
+ min ASId,
+ max ASId }
+
+ ASId ::= INTEGER
+
+ END
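Review bot: `IPAddress ::= BIT STRING` has no size bound in this module, and `addressFamily OCTET STRING (SIZE (2..3))` is the only field that says how long an address may be. The conformance or template code that turns these values into displayed prefixes is not visible in this hunk; it should cap the bit length by address family (32 for IPv4, 128 for IPv6, as RFC 3779 specifies) and treat a longer value from a certificate as malformed rather than copying it into a fixed-size address buffer. A short comment beside the type would record that expectation, e.g. `-- decoder must bound length by AFI: 32 bits (IPv4), 128 bits (IPv6) --`.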
diff --git a/epan/dissectors/asn1/pkix1explicit/PKIX1EXPLICIT93.asn b/epan/dissectors/asn1/pkix1explicit/PKIX1EXPLICIT93.asn
new file mode 100644
index 00000000..6cc643e6
--- /dev/null
+++ b/epan/dissectors/asn1/pkix1explicit/PKIX1EXPLICIT93.asn
@@ -0,0 +1,864 @@ +-- This file is based on PKIX1Explicit93 definition in +-- RFC2459 section b.1 +-- +--Appendix F of RFC2459 +--Appendix F. Full Copyright Statement +-- +-- Copyright (C) The Internet Society (1999). All Rights Reserved. +-- +-- This document and translations of it may be copied and furnished to +-- others, and derivative works that comment on or otherwise explain it +-- or assist in its implementation may be prepared, copied, published +-- and distributed, in whole or in part, without restriction of any +-- kind, provided that the above copyright notice and this paragraph are +-- included on all such copies and derivative works. However, this +-- document itself may not be modified in any way, such as by removing +-- the copyright notice or references to the Internet Society or other +-- Internet organizations, except as needed for the purpose of +-- developing Internet standards in which case the procedures for +-- copyrights defined in the Internet Standards process must be +-- followed, or as required to translate it into languages other than +-- English. +-- +-- The limited permissions granted above are perpetual and will not be +-- revoked by the Internet Society or its successors or assigns. +-- +-- This document and the information contained herein is provided on an +-- "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +-- TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +-- BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +-- HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +-- MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. +-- +-- +--NOTE: This ASN1 definition have been significantly modified from the original +--version in RFC2459 in order to accomodate the featuresets available +--in the Wireshark projects asn2wrs compiler. +--It has also been modified and structures have been commented out that +--are already implemented in the X509 dissectors. 
+--Dissectors present already in the X509 dissectors should be implemented in +--the template by hand as stubs that will just call the original +--dissector functions in X509 in order not to duplicate code. +-- +--Structures and constructs in this definition are uncommented and +--implemented on-demand when someone needs them. +-- +--If you export new types from this file, make sure to update the +--pkix1explicit_exp.cnf file with the proper definitions + + + +PKIX1Explicit93 {iso(1) identified-organization(3) dod(6) internet(1) + security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit-93(3)} + + +DEFINITIONS EXPLICIT TAGS ::= + +BEGIN + +-- EXPORTS ALL -- + +IMPORTS + authorityKeyIdentifier, subjectKeyIdentifier, keyUsage, + extendedKeyUsage, privateKeyUsagePeriod, certificatePolicies, + policyMappings, subjectAltName, issuerAltName, + basicConstraints, nameConstraints, policyConstraints, + cRLDistributionPoints, subjectDirectoryAttributes, + cRLNumber, reasonCode, instructionCode, invalidityDate, + issuingDistributionPoint, certificateIssuer, + deltaCRLIndicator, authorityInfoAccess, id-ce + FROM PKIX1Implicit93 {iso(1) identified-organization(3) + dod(6) internet(1) security(5) mechanisms(5) pkix(7) + id-mod(0) id-pkix1-implicit-93(4)} ; + +-- +-- Locally defined OIDs +-- +--id-pkix OBJECT IDENTIFIER ::= +-- { iso(1) identified-organization(3) dod(6) internet(1) +-- security(5) mechanisms(5) pkix(7) } +-- +-- PKIX arcs +-- arc for private certificate extensions +--id-pe OBJECT IDENTIFIER ::= { id-pkix 1 } +-- arc for policy qualifier types +--id-qt OBJECT IDENTIFIER ::= { id-pkix 2 } +-- arc for extended key purpose OIDS +--id-kp OBJECT IDENTIFIER ::= { id-pkix 3 } +-- arc for access descriptors +--id-ad OBJECT IDENTIFIER ::= { id-pkix 48 } +-- +-- policyQualifierIds for Internet policy qualifiers +--id-qt-cps OBJECT IDENTIFIER ::= { id-qt 1 } +-- OID for CPS qualifier +-- +--id-qt-unotice OBJECT IDENTIFIER ::= { id-qt 2 } +-- OID for user notice qualifier 
+-- +-- based on excerpts from AuthenticationFramework +-- {joint-iso-ccitt ds(5) modules(1) authenticationFramework(7) 2} +-- +-- Public Key Certificate +-- +--Certificate ::= SIGNED { SEQUENCE { +-- version [0] Version DEFAULT v1, +-- serialNumber CertificateSerialNumber, +-- signature AlgorithmIdentifier, +-- issuer Name, +-- validity Validity, +-- subject Name, +-- subjectPublicKeyInfo SubjectPublicKeyInfo, +-- issuerUniqueIdentifier [1] IMPLICIT UniqueIdentifier OPTIONAL, +-- if present, version shall be v2 or v3 +-- subjectUniqueIdentifier [2] IMPLICIT UniqueIdentifier OPTIONAL, +-- if present, version shall be v2 or v3 +-- extensions [3] Extensions OPTIONAL +-- if present, version shall be v3 +-- } +--} +-- +UniqueIdentifier ::= BIT STRING +-- +Version ::= INTEGER { v1(0), v2(1), v3(2) } + + -- This one is defined with .NO_EMIT in the conformance file + -- and implemented in the template as just a call to the + -- corresponding function in x509 +CertificateSerialNumber ::= INTEGER + +--Validity ::= SEQUENCE { +-- notBefore Time, +-- notAfter Time } +-- +Time ::= CHOICE { + utcTime UTCTime, + generalTime GeneralizedTime } +-- + + + + -- This one is implemented in the template as just a call to the + -- corresponding function in x509 +--SubjectPublicKeyInfo ::= SEQUENCE{ +-- algorithm AlgorithmIdentifier, +-- subjectPublicKey BIT STRING +--} + + + +Extensions ::= SEQUENCE OF Extension + +Extension ::= SEQUENCE { + extnId OBJECT IDENTIFIER, + critical BOOLEAN DEFAULT FALSE, + extnValue OCTET STRING +} + +-- contains a DER encoding of a value of type +-- &ExtnType for the +-- extension object identified by extnId +-- +-- The following information object set is defined to constrain the +-- set of legal certificate extensions. 
+-- +--ExtensionSet EXTENSION ::= { authorityKeyIdentifier | +-- subjectKeyIdentifier | +-- keyUsage | +-- extendedKeyUsage | +-- privateKeyUsagePeriod | +-- certificatePolicies | +-- policyMappings | +-- subjectAltName | +-- issuerAltName | +-- basicConstraints | +-- nameConstraints | +-- policyConstraints | +-- cRLDistributionPoints | +-- subjectDirectoryAttributes | +-- authorityInfoAccess } +-- +--EXTENSION ::= CLASS { +-- &id OBJECT IDENTIFIER UNIQUE, +-- &ExtnType } +--WITH SYNTAX { +-- SYNTAX &ExtnType +-- IDENTIFIED BY &id } +-- +-- Certificate Revocation List +-- +--CertificateList ::= SIGNED { SEQUENCE { +-- version Version OPTIONAL, +-- if present, shall be v2 +-- signature AlgorithmIdentifier, +-- issuer Name, +-- thisUpdate Time, +-- nextUpdate Time OPTIONAL, +-- revokedCertificates SEQUENCE OF SEQUENCE { +-- userCertificate CertificateSerialNumber, +-- revocationDate Time, +-- crlEntryExtensions EntryExtensions OPTIONAL } OPTIONAL, +-- crlExtensions [0] CRLExtensions OPTIONAL }} +-- +--CRLExtensions ::= SEQUENCE SIZE (1..MAX) OF CRLExtension +-- +--CRLExtension ::= SEQUENCE { +-- extnId EXTENSION.&id ({CRLExtensionSet}), +-- critical BOOLEAN DEFAULT FALSE, +-- extnValue OCTET STRING } +-- contains a DER encoding of a value of type +-- &ExtnType for the +-- extension object identified by extnId +-- +-- The following information object set is defined to constrain the +-- set of legal CRL extensions. 
+-- +--CRLExtensionSet EXTENSION ::= { authorityKeyIdentifier | +-- issuerAltName | +-- cRLNumber | +-- deltaCRLIndicator | +-- issuingDistributionPoint } +-- +-- EXTENSION defined above for certificates +-- +--EntryExtensions ::= SEQUENCE SIZE (1..MAX) OF EntryExtension +-- +--EntryExtension ::= SEQUENCE { +-- extnId EXTENSION.&id ({EntryExtensionSet}), +-- critical BOOLEAN DEFAULT FALSE, +-- extnValue OCTET STRING } +-- contains a DER encoding of a value of type +-- &ExtnType for the +-- extension object identified by extnId +-- +-- The following information object set is defined to constrain the +-- set of legal CRL entry extensions. +-- +--EntryExtensionSet EXTENSION ::= { reasonCode | +-- instructionCode | +-- invalidityDate | +-- certificateIssuer } +-- +-- information object classes used in the defintion +-- of certificates and CRLs +-- +-- Parameterized Type SIGNED +-- +-- SIGNED { ToBeSigned } ::= SEQUENCE { +-- toBeSigned ToBeSigned, +-- algorithm AlgorithmIdentifier, +-- signature BIT STRING +-- } +-- + + -- This one is implemented in the template as just a call to the + -- corresponding function in x509 +-- Definition of AlgorithmIdentifier +-- ISO definition was: +--AlgorithmIdentifier ::= SEQUENCE { +-- algorithm ALGORITHM.&id({SupportedAlgorithms}), +-- parameters ALGORITHM.&Type({SupportedAlgorithms} +-- { @algorithm}) OPTIONAL +--} + +-- Definition of ALGORITHM +-- ALGORITHM ::= TYPE-IDENTIFIER +-- +-- The following PKIX definition replaces the X.509 definition +-- +-- +--AlgorithmIdentifier ::= SEQUENCE { +-- algorithm ALGORITHM-ID.&id({SupportedAlgorithms}), +-- parameters ALGORITHM-ID.&Type({SupportedAlgorithms} +-- { @algorithm}) OPTIONAL } +-- +-- Definition of ALGORITHM-ID +-- +-- ALGORITHM-ID ::= CLASS { +-- &id OBJECT IDENTIFIER UNIQUE, +-- &Type OPTIONAL +-- } +-- WITH SYNTAX { OID &id [PARMS &Type] } +-- +-- The definition of SupportedAlgorithms may be modified as this +-- document does not specify a mandatory algorithm set. 
In addition, +-- the set is specified as extensible, since additional algorithms +-- may be supported +-- +--SupportedAlgorithms ALGORITHM-ID ::= { ..., +-- rsaPublicKey | +-- rsaSHA-1 | +-- rsaMD5 | +-- rsaMD2 | +-- dssPublicKey | +-- dsaSHA-1 | +-- dhPublicKey } +-- +-- OIDs and parameter structures for ALGORITHM-IDs used +-- in this specification +-- +--rsaPublicKey ALGORITHM-ID ::= { OID rsaEncryption PARMS NULL } +-- +--rsaSHA-1 ALGORITHM-ID ::= { OID sha1WithRSAEncryption PARMS NULL } +-- +--rsaMD5 ALGORITHM-ID ::= { OID md5WithRSAEncryption PARMS NULL } +-- +--rsaMD2 ALGORITHM-ID ::= { OID md2WithRSAEncryption PARMS NULL } +-- +--dssPublicKey ALGORITHM-ID ::= { OID id-dsa PARMS Dss-Parms } +-- +--dsaSHA-1 ALGORITHM-ID ::= { OID id-dsa-with-sha1 } +-- +--dhPublicKey ALGORITHM-ID ::= {OID dhpublicnumber PARMS DomainParameters} +-- +-- algorithm identifiers and parameter structures +-- +--pkcs-1 OBJECT IDENTIFIER ::= { +-- iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 } +-- +--rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } +-- +--md2WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 2 } +-- +--md5WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 4 } +-- +--sha1WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 5 } +-- +--id-dsa-with-sha1 OBJECT IDENTIFIER ::= { +-- iso(1) member-body(2) us(840) x9-57 (10040) x9algorithm(4) 3 } +-- +--Dss-Sig-Value ::= SEQUENCE { +-- r INTEGER, +-- s INTEGER } +-- +dhpublicnumber OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) ansi-x942(10046) number-type(2) 1 } + +DomainParameters ::= SEQUENCE { + p INTEGER, + g INTEGER, + q INTEGER, + j INTEGER OPTIONAL, + validationParms ValidationParms OPTIONAL } + +ValidationParms ::= SEQUENCE { + seed BIT STRING, + pgenCounter INTEGER } + +--id-dsa OBJECT IDENTIFIER ::= { +-- iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 1 } +-- +--Dss-Parms ::= SEQUENCE { +-- p INTEGER, +-- q INTEGER, +-- g INTEGER } +-- +-- The ASN.1 in this section supports the Name type +-- 
and the directoryAttribute extension +-- +-- attribute data types +-- +--Attribute ::= SEQUENCE { +-- type ATTRIBUTE.&id ({SupportedAttributes}), +-- values SET SIZE (1 .. MAX) OF ATTRIBUTE.&Type +-- ({SupportedAttributes}{@type})} + +Attribute ::= SEQUENCE { + type OBJECT IDENTIFIER, + values SET SIZE (1 .. MAX) OF ANY + -- at least one value is required -- } + +AttributeTypeAndValue ::= SEQUENCE { + type OBJECT IDENTIFIER, + value ANY +} + +-- naming data types -- +-- + + + -- This one is implemented in the template as just a call to the + -- corresponding function in x509 +--Name ::= CHOICE { +-- rdnSequence RDNSequence +--} + + +RDNSequence ::= SEQUENCE OF RelativeDistinguishedName + +RelativeDistinguishedName ::= SET OF AttributeTypeAndValue + +--ID ::= OBJECT IDENTIFIER +-- +-- ATTRIBUTE information object class specification +-- Note: This has been greatly simplified for PKIX !! +-- +--ATTRIBUTE ::= CLASS { +-- &Type, +-- &id OBJECT IDENTIFIER UNIQUE } +--WITH SYNTAX { +-- WITH SYNTAX &Type ID &id } +-- +-- suggested naming attributes +-- Definition of the following information object set may be +-- augmented to meet local requirements. Note that deleting +-- members of the set may prevent interoperability with +-- conforming implementations. 
+-- +--SupportedAttributes ATTRIBUTE ::= { +-- name | commonName | surname | givenName | initials | +-- generationQualifier | dnQualifier | countryName | +-- localityName | stateOrProvinceName | organizationName | +-- organizationalUnitName | title | pkcs9email } +-- +--name ATTRIBUTE ::= { +-- WITH SYNTAX DirectoryString { ub-name } +-- ID id-at-name } +-- +--commonName ATTRIBUTE ::= { +-- WITH SYNTAX DirectoryString {ub-common-name} +-- ID id-at-commonName } +-- +--surname ATTRIBUTE ::= { +-- WITH SYNTAX DirectoryString {ub-name} +-- ID id-at-surname } +-- +--givenName ATTRIBUTE ::= { +-- WITH SYNTAX DirectoryString {ub-name} +-- ID id-at-givenName } +-- +--initials ATTRIBUTE ::= { +-- WITH SYNTAX DirectoryString {ub-name} +-- ID id-at-initials } +-- +--generationQualifier ATTRIBUTE ::= { +-- WITH SYNTAX DirectoryString {ub-name} +-- ID id-at-generationQualifier} +-- +--dnQualifier ATTRIBUTE ::= { +-- WITH SYNTAX PrintableString +-- ID id-at-dnQualifier } +-- +-- +--countryName ATTRIBUTE ::= { +-- WITH SYNTAX PrintableString (SIZE (2)) +-- ID id-at-countryName } +-- +--localityName ATTRIBUTE ::= { +-- WITH SYNTAX DirectoryString {ub-locality-name} +-- ID id-at-localityName } +-- +--stateOrProvinceName ATTRIBUTE ::= { +-- WITH SYNTAX DirectoryString {ub-state-name} +-- ID id-at-stateOrProvinceName } +-- +--organizationName ATTRIBUTE ::= { +-- WITH SYNTAX DirectoryString {ub-organization-name} +-- ID id-at-organizationName } +-- +--organizationalUnitName ATTRIBUTE ::= { +-- WITH SYNTAX DirectoryString {ub-organizational-unit-name} +-- ID id-at-organizationalUnitName } +-- +--title ATTRIBUTE ::= { +-- WITH SYNTAX DirectoryString {ub-title} +-- ID id-at-title } +-- +-- Legacy attributes +-- +--pkcs9email ATTRIBUTE ::= { +-- WITH SYNTAX PHGString, +-- ID emailAddress } +-- +--PHGString ::= IA5String (SIZE(1..ub-emailaddress-length)) +-- +--pkcs-9 OBJECT IDENTIFIER ::= +-- { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 } +-- +--emailAddress OBJECT IDENTIFIER 
::= { pkcs-9 1 } +-- +-- object identifiers for Name type and directory attribute support +-- +-- Object identifier assignments +-- +--id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4} +-- +-- Attributes +-- +--id-at-commonName OBJECT IDENTIFIER ::= {id-at 3} +--id-at-surname OBJECT IDENTIFIER ::= {id-at 4} +--id-at-countryName OBJECT IDENTIFIER ::= {id-at 6} +--id-at-localityName OBJECT IDENTIFIER ::= {id-at 7} +--id-at-stateOrProvinceName OBJECT IDENTIFIER ::= {id-at 8} +--id-at-organizationName OBJECT IDENTIFIER ::= {id-at 10} +--id-at-organizationalUnitName OBJECT IDENTIFIER ::= {id-at 11} +--id-at-title OBJECT IDENTIFIER ::= {id-at 12} +--id-at-name OBJECT IDENTIFIER ::= {id-at 41} +--id-at-givenName OBJECT IDENTIFIER ::= {id-at 42} +--id-at-initials OBJECT IDENTIFIER ::= {id-at 43} +--id-at-generationQualifier OBJECT IDENTIFIER ::= {id-at 44} +--id-at-dnQualifier OBJECT IDENTIFIER ::= {id-at 46} +-- +-- Directory string type, used extensively in Name types +--Make it a PrintableString will amke it look prettier +DirectoryString ::= PrintableString +--DirectoryString { INTEGER:maxSize } ::= CHOICE { +-- teletexString TeletexString (SIZE (1..maxSize)), +-- printableString PrintableString (SIZE (1..maxSize)), +-- universalString UniversalString (SIZE (1..maxSize)), +-- bmpString BMPString (SIZE(1..maxSize)), +-- utf8String UTF8String (SIZE(1..maxSize)) +-- } +-- +-- End of ASN.1 for Name type and directory attribute support +-- +-- The ASN.1 in this section supports X.400 style names +-- for implementations that use the x400Address component +-- of GeneralName. 
+-- +--ORAddress ::= SEQUENCE { +-- built-in-standard-attributes BuiltInStandardAttributes, +-- built-in-domain-defined-attributes +-- BuiltInDomainDefinedAttributes OPTIONAL, +-- see also teletex-domain-defined-attributes +-- extension-attributes ExtensionAttributes OPTIONAL } +-- +-- The OR-address is semantically absent from the OR-name if the +-- built-in-standard-attribute sequence is empty and the +-- built-in-domain-defined-attributes and extension-attributes are +-- both omitted. +-- +-- Built-in Standard Attributes +-- +--BuiltInStandardAttributes ::= SEQUENCE { +-- country-name CountryName OPTIONAL, +-- administration-domain-name AdministrationDomainName OPTIONAL, +-- network-address [0] NetworkAddress OPTIONAL, +-- see also extended-network-address +-- terminal-identifier [1] TerminalIdentifier OPTIONAL, +-- private-domain-name [2] PrivateDomainName OPTIONAL, +-- organization-name [3] OrganizationName OPTIONAL, +-- see also teletex-organization-name +-- numeric-user-identifier [4] NumericUserIdentifier OPTIONAL, +-- personal-name [5] PersonalName OPTIONAL, +-- see also teletex-personal-name +-- organizational-unit-names [6] OrganizationalUnitNames OPTIONAL +-- see also teletex-organizational-unit-names +-- } +-- +--CountryName ::= [APPLICATION 1] CHOICE { +-- x121-dcc-code NumericString, +-- iso-3166-alpha2-code PrintableString +--} +-- +--AdministrationDomainName ::= [APPLICATION 2] CHOICE { +-- numeric NumericString (SIZE (0..ub-domain-name-length)), +-- printable PrintableString (SIZE (0..ub-domain-name-length)) } +-- +--NetworkAddress ::= X121Address +-- see also extended-network-address +-- +--X121Address ::= NumericString (SIZE (1..ub-x121-address-length)) +-- +--TerminalIdentifier ::= PrintableString (SIZE (1..ub-terminal-id-length)) +-- +--PrivateDomainName ::= CHOICE { +-- numeric NumericString (SIZE (1..ub-domain-name-length)), +-- printable PrintableString (SIZE (1..ub-domain-name-length)) } +-- +--OrganizationName ::= PrintableString +-- 
(SIZE (1..ub-organization-name-length)) +-- see also teletex-organization-name +-- +--NumericUserIdentifier ::= NumericString +-- (SIZE (1..ub-numeric-user-id-length)) +-- +--PersonalName ::= SET { +-- surname [0] PrintableString (SIZE (1..ub-surname-length)), +-- given-name [1] PrintableString +-- (SIZE (1..ub-given-name-length)) OPTIONAL, +-- initials [2] PrintableString +-- (SIZE (1..ub-initials-length)) OPTIONAL, +-- generation-qualifier [3] PrintableString +-- (SIZE (1..ub-generation-qualifier-length)) OPTIONAL} +-- see also teletex-personal-name +-- +--OrganizationalUnitNames ::= SEQUENCE SIZE (1..ub-organizational-units) +-- OF OrganizationalUnitName +-- see also teletex-organizational-unit-names +-- +--OrganizationalUnitName ::= PrintableString (SIZE +-- (1..ub-organizational-unit-name-length)) +-- +-- Built-in Domain-defined Attributes +--BuiltInDomainDefinedAttributes ::= SEQUENCE SIZE +-- (1..ub-domain-defined-attributes) OF +-- BuiltInDomainDefinedAttribute +-- +--BuiltInDomainDefinedAttribute ::= SEQUENCE { +-- type PrintableString (SIZE +-- (1..ub-domain-defined-attribute-type-length)), +-- value PrintableString (SIZE +-- (1..ub-domain-defined-attribute-value-length)) } +-- +-- Extension Attributes +-- +--ExtensionAttributes ::= SET SIZE (1..ub-extension-attributes) +-- OF ExtensionAttribute +--ExtensionAttribute ::= SEQUENCE { +-- +-- extension-attribute-type [0] EXTENSION-ATTRIBUTE.&id +-- ({ExtensionAttributeTable}), +-- extension-attribute-value [1] EXTENSION-ATTRIBUTE.&Type +-- ({ExtensionAttributeTable} {@extension-attribute-type}) } +-- +--EXTENSION-ATTRIBUTE ::= CLASS { +-- &id INTEGER (0..ub-extension-attributes) UNIQUE, +-- &Type } +--WITH SYNTAX {&Type IDENTIFIED BY &id} +-- +--ExtensionAttributeTable EXTENSION-ATTRIBUTE ::= { +-- common-name | +-- teletex-common-name | +-- teletex-organization-name | +-- teletex-personal-name | +-- teletex-organizational-unit-names | +-- teletex-domain-defined-attributes | +-- pds-name | +-- 
physical-delivery-country-name | +-- postal-code | +-- physical-delivery-office-name | +-- physical-delivery-office-number | +-- extension-OR-address-components | +-- physical-delivery-personal-name | +-- physical-delivery-organization-name | +-- extension-physical-delivery-address-components | +-- unformatted-postal-address | +-- street-address | +-- post-office-box-address | +-- poste-restante-address | +-- unique-postal-name | +-- local-postal-attributes | +-- extended-network-address | +-- terminal-type } +-- +-- Extension Standard Attributes +-- +--common-name EXTENSION-ATTRIBUTE ::= {CommonName IDENTIFIED BY 1} +-- +--CommonName ::= PrintableString (SIZE (1..ub-common-name-length)) +-- +--teletex-common-name EXTENSION-ATTRIBUTE ::= +-- {TeletexCommonName IDENTIFIED BY 2} +-- +--TeletexCommonName ::= TeletexString (SIZE (1..ub-common-name-length)) +-- +--teletex-organization-name EXTENSION-ATTRIBUTE ::= +-- {TeletexOrganizationName IDENTIFIED BY 3} +-- +--TeletexOrganizationName ::= +-- TeletexString (SIZE (1..ub-organization-name-length)) +-- +--teletex-personal-name EXTENSION-ATTRIBUTE ::= +-- {TeletexPersonalName IDENTIFIED BY 4} +-- +--TeletexPersonalName ::= SET { +-- surname [0] TeletexString (SIZE (1..ub-surname-length)), +-- given-name [1] TeletexString +-- (SIZE (1..ub-given-name-length)) OPTIONAL, +-- initials [2] TeletexString (SIZE (1..ub-initials-length)) OPTIONAL, +-- generation-qualifier [3] TeletexString (SIZE +-- (1..ub-generation-qualifier-length)) OPTIONAL } +-- +--teletex-organizational-unit-names EXTENSION-ATTRIBUTE ::= +-- {TeletexOrganizationalUnitNames IDENTIFIED BY 5} +-- +--TeletexOrganizationalUnitNames ::= SEQUENCE SIZE +-- (1..ub-organizational-units) OF TeletexOrganizationalUnitName +-- +--TeletexOrganizationalUnitName ::= TeletexString +-- (SIZE (1..ub-organizational-unit-name-length)) +-- +--pds-name EXTENSION-ATTRIBUTE ::= {PDSName IDENTIFIED BY 7} +-- +--PDSName ::= PrintableString (SIZE (1..ub-pds-name-length)) +-- 
+--physical-delivery-country-name EXTENSION-ATTRIBUTE ::= +-- {PhysicalDeliveryCountryName IDENTIFIED BY 8} +-- +--PhysicalDeliveryCountryName ::= CHOICE { +-- x121-dcc-code NumericString (SIZE (ub-country-name-numeric-length)), +-- iso-3166-alpha2-code PrintableString +-- (SIZE (ub-country-name-alpha-length)) } +-- +--postal-code EXTENSION-ATTRIBUTE ::= {PostalCode IDENTIFIED BY 9} +-- +--PostalCode ::= CHOICE { +-- numeric-code NumericString (SIZE (1..ub-postal-code-length)), +-- printable-code PrintableString (SIZE (1..ub-postal-code-length)) } +-- +--physical-delivery-office-name EXTENSION-ATTRIBUTE ::= +-- {PhysicalDeliveryOfficeName IDENTIFIED BY 10} +-- +--PhysicalDeliveryOfficeName ::= PDSParameter +-- +--physical-delivery-office-number EXTENSION-ATTRIBUTE ::= +-- {PhysicalDeliveryOfficeNumber IDENTIFIED BY 11} +-- +--PhysicalDeliveryOfficeNumber ::= PDSParameter +-- +--extension-OR-address-components EXTENSION-ATTRIBUTE ::= +-- {ExtensionORAddressComponents IDENTIFIED BY 12} +-- +--ExtensionORAddressComponents ::= PDSParameter +-- +--physical-delivery-personal-name EXTENSION-ATTRIBUTE ::= +-- {PhysicalDeliveryPersonalName IDENTIFIED BY 13} +-- +--PhysicalDeliveryPersonalName ::= PDSParameter +-- +--physical-delivery-organization-name EXTENSION-ATTRIBUTE ::= +-- {PhysicalDeliveryOrganizationName IDENTIFIED BY 14} +-- +--PhysicalDeliveryOrganizationName ::= PDSParameter +-- +--extension-physical-delivery-address-components EXTENSION-ATTRIBUTE ::= +-- {ExtensionPhysicalDeliveryAddressComponents IDENTIFIED BY 15} +-- +--ExtensionPhysicalDeliveryAddressComponents ::= PDSParameter +-- +--unformatted-postal-address EXTENSION-ATTRIBUTE ::= +-- {UnformattedPostalAddress IDENTIFIED BY 16} +-- +--UnformattedPostalAddress ::= SET { +-- printable-address SEQUENCE SIZE (1..ub-pds-physical-address-lines) OF +-- PrintableString (SIZE (1..ub-pds-parameter-length)) OPTIONAL, +-- teletex-string TeletexString (SIZE +-- (1..ub-unformatted-address-length)) OPTIONAL } +-- 
+--street-address EXTENSION-ATTRIBUTE ::= +-- {StreetAddress IDENTIFIED BY 17} +-- +--StreetAddress ::= PDSParameter +-- +--post-office-box-address EXTENSION-ATTRIBUTE ::= +-- {PostOfficeBoxAddress IDENTIFIED BY 18} +-- +--PostOfficeBoxAddress ::= PDSParameter +-- +--poste-restante-address EXTENSION-ATTRIBUTE ::= +-- {PosteRestanteAddress IDENTIFIED BY 19} +-- +--PosteRestanteAddress ::= PDSParameter +-- +--unique-postal-name EXTENSION-ATTRIBUTE ::= +-- {UniquePostalName IDENTIFIED BY 20} +-- +--UniquePostalName ::= PDSParameter +-- +--local-postal-attributes EXTENSION-ATTRIBUTE ::= +-- {LocalPostalAttributes IDENTIFIED BY 21} +-- +--LocalPostalAttributes ::= PDSParameter +-- +--PDSParameter ::= SET { +-- printable-string PrintableString +-- (SIZE(1..ub-pds-parameter-length)) OPTIONAL, +-- teletex-string TeletexString +-- (SIZE(1..ub-pds-parameter-length)) OPTIONAL } +-- +--extended-network-address EXTENSION-ATTRIBUTE ::= +-- {ExtendedNetworkAddress IDENTIFIED BY 22} +-- +--ExtendedNetworkAddress ::= CHOICE { +-- e163-4-address SEQUENCE { +-- number [0] NumericString +-- (SIZE (1..ub-e163-4-number-length)), +-- sub-address [1] NumericString +-- (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL}, +-- psap-address [0] PresentationAddress } +-- +--PresentationAddress ::= SEQUENCE { +-- pSelector [0] EXPLICIT OCTET STRING OPTIONAL, +-- sSelector [1] EXPLICIT OCTET STRING OPTIONAL, +-- tSelector [2] EXPLICIT OCTET STRING OPTIONAL, +-- nAddresses [3] EXPLICIT SET SIZE (1..MAX) OF OCTET STRING} +-- +-- +--terminal-type EXTENSION-ATTRIBUTE ::= {TerminalType IDENTIFIED BY 23} + +TerminalType ::= INTEGER { + telex (3), + teletex (4), + g3-facsimile (5), + g4-facsimile (6), + ia5-terminal (7), + videotex (8) } + +-- Extension Domain-defined Attributes +-- +--teletex-domain-defined-attributes EXTENSION-ATTRIBUTE ::= +-- {TeletexDomainDefinedAttributes IDENTIFIED BY 6} +-- +--TeletexDomainDefinedAttributes ::= SEQUENCE SIZE +-- (1..ub-domain-defined-attributes) OF 
TeletexDomainDefinedAttribute + +TeletexDomainDefinedAttribute ::= SEQUENCE { + type TeletexString, + value TeletexString +} + +-- specifications of Upper Bounds +-- shall be regarded as mandatory +-- from Annex B of ITU-T X.411 +-- Reference Definition of MTS Parameter Upper Bounds +-- +-- Upper Bounds +--ub-name INTEGER ::= 32768 +--ub-common-name INTEGER ::= 64 +--ub-locality-name INTEGER ::= 128 +--ub-state-name INTEGER ::= 128 +--ub-organization-name INTEGER ::= 64 +--ub-organizational-unit-name INTEGER ::= 64 +--ub-title INTEGER ::= 64 +--ub-match INTEGER ::= 128 +-- +--ub-emailaddress-length INTEGER ::= 128 +-- +--ub-common-name-length INTEGER ::= 64 +--ub-country-name-alpha-length INTEGER ::= 2 +--ub-country-name-numeric-length INTEGER ::= 3 +--ub-domain-defined-attributes INTEGER ::= 4 +--ub-domain-defined-attribute-type-length INTEGER ::= 8 +--ub-domain-defined-attribute-value-length INTEGER ::= 128 +--ub-domain-name-length INTEGER ::= 16 +--ub-extension-attributes INTEGER ::= 256 +--ub-e163-4-number-length INTEGER ::= 15 +--ub-e163-4-sub-address-length INTEGER ::= 40 +--ub-generation-qualifier-length INTEGER ::= 3 +--ub-given-name-length INTEGER ::= 16 +--ub-initials-length INTEGER ::= 5 +--ub-integer-options INTEGER ::= 256 +--ub-numeric-user-id-length INTEGER ::= 32 +--ub-organization-name-length INTEGER ::= 64 +--ub-organizational-unit-name-length INTEGER ::= 32 +--ub-organizational-units INTEGER ::= 4 +--ub-pds-name-length INTEGER ::= 16 +--ub-pds-parameter-length INTEGER ::= 30 +--ub-pds-physical-address-lines INTEGER ::= 6 +--ub-postal-code-length INTEGER ::= 16 +--ub-surname-length INTEGER ::= 40 +--ub-terminal-id-length INTEGER ::= 24 +--ub-unformatted-address-length INTEGER ::= 180 +-- +--ub-x121-address-length INTEGER ::= 16 +-- +-- Note - upper bounds on TeletexString are measured in characters. +-- A significantly greater number of octets will be required to hold +-- such a value. 
As a minimum, 16 octets, or twice the specified upper
+-- bound, whichever is the larger, should be allowed.
+
+
+-- X.509v3 TLS Feature extension (RFC 7633)
+Features ::= SEQUENCE OF INTEGER
+
+END
diff --git a/epan/dissectors/asn1/pkix1explicit/packet-pkix1explicit-template.c b/epan/dissectors/asn1/pkix1explicit/packet-pkix1explicit-template.c
new file mode 100644
index 00000000..4de46292
--- /dev/null
+++ b/epan/dissectors/asn1/pkix1explicit/packet-pkix1explicit-template.c
@@ -0,0 +1,131 @@
+#define BER_UNI_TAG_TeletexString 20 /* workaround bug in asn2wrs */
+
+/* packet-pkix1explicit.c
+ * Routines for PKIX1Explitic packet dissection
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "config.h"
+
+#include <epan/packet.h>
+#include <epan/asn1.h>
+#include <epan/oids.h>
+#include <epan/afn.h>
+
+#include "packet-ber.h"
+#include "packet-pkix1explicit.h"
+#include "packet-x509af.h"
+#include "packet-x509if.h"
+#include "packet-x509ce.h"
+
+/* from packet-tls-utils.h */
+extern const value_string tls_hello_extension_types[];
+
+#define PNAME "PKIX1Explicit"
+#define PSNAME "PKIX1EXPLICIT"
+#define PFNAME "pkix1explicit"
+
+void proto_register_pkix1explicit(void);
+void proto_reg_handoff_pkix1explicit(void);
+
+/* Initialize the protocol and registered fields */
+static int proto_pkix1explicit = -1;
+static int hf_pkix1explicit_object_identifier_id = -1;
+static int hf_pkix1explicit_addressFamily_afn = -1;
+static int hf_pkix1explicit_addressFamily_safi = -1;
+
+static int ett_pkix1explicit_addressFamily = -1;
+
+#include "packet-pkix1explicit-hf.c"
+
+/* Initialize the subtree pointers */
+#include "packet-pkix1explicit-ett.c"
+
+int
+dissect_pkix1explicit_Certificate(bool implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_, proto_tree *tree, int hf_index) {
+ offset = dissect_x509af_Certificate(implicit_tag, tvb, offset, actx, tree, hf_index);
+
+ return offset;
+}
+int
+dissect_pkix1explicit_CertificateList(bool implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_, proto_tree *tree, int hf_index) {
+ offset = dissect_x509af_CertificateList(implicit_tag, tvb, offset, actx, tree, hf_index);
+
+ return offset;
+}
+int
+dissect_pkix1explicit_GeneralName(bool implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_, proto_tree *tree, int hf_index) {
+ offset = 
dissect_x509ce_GeneralName(implicit_tag, tvb, offset, actx, tree, hf_index);
+
+ return offset;
+}
+int
+dissect_pkix1explicit_Name(bool implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_, proto_tree *tree, int hf_index) {
+ offset = dissect_x509if_Name(implicit_tag, tvb, offset, actx, tree, hf_index);
+
+ return offset;
+}
+int
+dissect_pkix1explicit_AlgorithmIdentifier(bool implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_, proto_tree *tree, int hf_index) {
+ offset = dissect_x509af_AlgorithmIdentifier(implicit_tag, tvb, offset, actx, tree, hf_index);
+
+ return offset;
+}
+
+int
+dissect_pkix1explicit_SubjectPublicKeyInfo(bool implicit_tag, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_, proto_tree *tree, int hf_index) {
+ offset = dissect_x509af_SubjectPublicKeyInfo(implicit_tag, tvb, offset, actx, tree, hf_index);
+
+ return offset;
+}
+
+
+#include "packet-pkix1explicit-fn.c"
+
+
+/*--- proto_register_pkix1explicit ----------------------------------------------*/
+void proto_register_pkix1explicit(void) {
+
+ /* List of fields */
+ static hf_register_info hf[] = {
+ { &hf_pkix1explicit_object_identifier_id,
+ { "Id", "pkix1explicit.id", FT_STRING, BASE_NONE, NULL, 0,
+ "Object identifier Id", HFILL }},
+
+ { &hf_pkix1explicit_addressFamily_afn,
+ { "Address family(AFN)", "pkix1explicit.addressfamily", FT_UINT16, BASE_DEC, VALS(afn_vals), 0,
+ NULL, HFILL }},
+
+ { &hf_pkix1explicit_addressFamily_safi,
+ { "Subsequent Address Family Identifiers (SAFI)", "pkix1explicit.addressfamily.safi", FT_UINT16, BASE_DEC, NULL, 0,
+ "Subsequent Address Family Identifiers (SAFI) RFC4760", HFILL }},
+#include "packet-pkix1explicit-hfarr.c"
+ };
+
+ /* List of subtrees */
+ static gint *ett[] = {
+ &ett_pkix1explicit_addressFamily,
+#include "packet-pkix1explicit-ettarr.c"
+ };
+
+ /* Register protocol */
+ proto_pkix1explicit = proto_register_protocol(PNAME, PSNAME, PFNAME);
+
+ /* Register fields and subtrees */
+ 
proto_register_field_array(proto_pkix1explicit, hf, array_length(hf));
+ proto_register_subtree_array(ett, array_length(ett));
+
+}
+
+
+/*--- proto_reg_handoff_pkix1explicit -------------------------------------------*/
+void proto_reg_handoff_pkix1explicit(void) {
+ oid_add_from_string("id-pkix","1.3.6.1.5.5.7");
+ oid_add_from_string("id-dsa-with-sha1","1.2.840.10040.4.3");
+#include "packet-pkix1explicit-dis-tab.c"
+}
diff --git a/epan/dissectors/asn1/pkix1explicit/packet-pkix1explicit-template.h b/epan/dissectors/asn1/pkix1explicit/packet-pkix1explicit-template.h
new file mode 100644
index 00000000..61b77b43
--- /dev/null
+++ b/epan/dissectors/asn1/pkix1explicit/packet-pkix1explicit-template.h
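Review bot: `extern const value_string tls_hello_extension_types[];` near the top of the file re-declares a symbol that the comment above it attributes to packet-tls-utils.h, so a later change to that symbol's type or name in the header would not be caught when this file is compiled. Including the header (`#include "packet-tls-utils.h"`) would keep the declaration in one place; if the include is avoided on purpose, a short comment saying why would help the next maintainer. As a smaller style point, the `dissect_pkix1explicit_*` wrappers mark `actx` (and in most cases `implicit_tag`) as `_U_` although both are forwarded to the x509 dissectors, and the file header comment spells the module "PKIX1Explitic".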
@@ -0,0 +1,28 @@
+/* packet-pkix1explicit.h
+ * Routines for PKIX1Explicit packet dissection
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#ifndef PACKET_PKIX1EXPLICIT_H
+#define PACKET_PKIX1EXPLICIT_H
+
+int dissect_pkix1explicit_Certificate(bool implicit_tag, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index);
+int dissect_pkix1explicit_CertificateList(bool implicit_tag, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index);
+#if 0
+int dissect_pkix1explicit_CertificateSerialNumber(bool implicit_tag, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index);
+#endif
+int dissect_pkix1explicit_Name(bool implicit_tag, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index);
+int dissect_pkix1explicit_GeneralName(bool implicit_tag, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index);
+int dissect_pkix1explicit_AlgorithmIdentifier(bool implicit_tag, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,proto_tree *tree, int hf_index);
+int dissect_pkix1explicit_SubjectPublicKeyInfo(bool implicit_tag, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index);
+
+
+#include "packet-pkix1explicit-exp.h"
+
+#endif /* PACKET_PKIX1EXPLICIT_H */
+
diff --git a/epan/dissectors/asn1/pkix1explicit/pkix1explicit.cnf b/epan/dissectors/asn1/pkix1explicit/pkix1explicit.cnf
new file mode 100644
index 00000000..c40477d4
--- /dev/null
+++ b/epan/dissectors/asn1/pkix1explicit/pkix1explicit.cnf
@@ -0,0 +1,99 @@
+# pkix1explicit.cnf
+# pkix1explicit conformation file
+
+#.MODULE_IMPORT
+
+#.EXPORTS
+Attribute
+AttributeTypeAndValue
+CertificateSerialNumber
+DirectoryString
+Extension
+Extensions
+RelativeDistinguishedName
+RDNSequence
+TeletexDomainDefinedAttribute
+TerminalType
+Version
+Time
+UniqueIdentifier
+
+#.REGISTER
+DirectoryString B "1.3.6.1.5.5.7.2.1" "id-qt-cps"
+DomainParameters B "1.2.840.10046.2.1" "dhpublicnumber"
+IPAddrBlocks B "1.3.6.1.5.5.7.1.7" "id-pe-ipAddrBlocks"
+ASIdentifiers B "1.3.6.1.5.5.7.1.8" "id-pe-autonomousSysIds"
+# X.509v3 TLS Feature extension (RFC 7633)
+Features B "1.3.6.1.5.5.7.1.24" "id-pe-tlsfeature"
+# From PKCS 9 / RFC 2985
+DirectoryString B "1.2.840.113549.1.9.7" "pkcs-9-at-challengePassword"
+Extensions B "1.2.840.113549.1.9.14" "pkcs-9-at-extensionRequest"
+
+#.PDU
+
+#.NO_EMIT
+
+#.TYPE_RENAME
+
+#.FIELD_RENAME
+
+#.FN_BODY DirectoryString
+ offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index, NULL);
+
+#.FN_PARS Attribute/type
+ FN_VARIANT = _str HF_INDEX = hf_pkix1explicit_type VAL_PTR = &actx->external.direct_reference
+
+#.FN_BODY Attribute/values/_item
+ offset=call_ber_oid_callback(actx->external.direct_reference, tvb, offset, actx->pinfo, tree, NULL);
+
+#.FN_PARS AttributeTypeAndValue/type
+ FN_VARIANT = _str HF_INDEX = hf_pkix1explicit_type_01 VAL_PTR = &actx->external.direct_reference
+
+#.FN_BODY AttributeTypeAndValue/value
+ offset=call_ber_oid_callback(actx->external.direct_reference, tvb, offset, actx->pinfo, tree, NULL);
+
+#.FN_PARS Extension/extnId
+ FN_VARIANT = _str HF_INDEX = hf_pkix1explicit_object_identifier_id VAL_PTR = &actx->external.direct_reference
+
+#.FN_BODY Extension/extnId
+%(DEFAULT_BODY)s
+ actx->external.direct_ref_present = (actx->external.direct_reference != NULL) ? 
TRUE : FALSE;
+
+#.FN_BODY Extension/extnValue
+ gint8 appclass;
+ bool pc, ind;
+ gint32 tag;
+ guint32 len;
+ /* skip past the T and L */
+ offset = dissect_ber_identifier(actx->pinfo, tree, tvb, offset, &appclass, &pc, &tag);
+ offset = dissect_ber_length(actx->pinfo, tree, tvb, offset, &len, &ind);
+ if (actx->external.direct_ref_present) {
+ offset=call_ber_oid_callback(actx->external.direct_reference, tvb, offset, actx->pinfo, tree, NULL);
+ }
+
+# IPAddrAndASCertExtn
+
+#.FN_BODY IPAddressFamily/addressFamily VAL_PTR = ¶meter_tvb
+ tvbuff_t *parameter_tvb;
+ proto_tree *subtree;
+
+%(DEFAULT_BODY)s
+
+ if (!parameter_tvb)
+ return offset;
+ subtree = proto_item_add_subtree(actx->created_item, ett_pkix1explicit_addressFamily);
+ proto_tree_add_item(subtree, hf_pkix1explicit_addressFamily_afn, parameter_tvb, 0, 2, ENC_BIG_ENDIAN);
+ if(tvb_reported_length(parameter_tvb)>2)
+ proto_tree_add_item(subtree, hf_pkix1explicit_addressFamily_safi, parameter_tvb, 0, 2, ENC_BIG_ENDIAN);
+
+#.TYPE_ATTR
+TeletexDomainDefinedAttribute/type DISPLAY = BASE_NONE
+
+#.TYPE_ATTR
+TeletexDomainDefinedAttribute/value DISPLAY = BASE_NONE
+
+#.TYPE_ATTR
+Features/_item TYPE = FT_UINT16 STRINGS = VALS(tls_hello_extension_types) BLURB = "TLS Extension that MUST be supported by the server"
+
+#.END
+
diff --git a/epan/dissectors/asn1/pkix1explicit/pkix1explicit_exp.cnf b/epan/dissectors/asn1/pkix1explicit/pkix1explicit_exp.cnf
new file mode 100644
index 00000000..8e801fe9
--- /dev/null
+++ b/epan/dissectors/asn1/pkix1explicit/pkix1explicit_exp.cnf
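Review bot: In the `IPAddressFamily/addressFamily` body the SAFI item is added with the same offset and length as the AFN item (`parameter_tvb, 0, 2`), so for a three-octet value the tree shows the address family a second time instead of the trailing SAFI octet. The ASN.1 module added by this commit defines `addressFamily OCTET STRING (SIZE (2..3))` with the comment "AFI & opt SAFI", so the second call should read `proto_tree_add_item(subtree, hf_pkix1explicit_addressFamily_safi, parameter_tvb, 2, 1, ENC_BIG_ENDIAN);`. The matching field in packet-pkix1explicit-template.c is registered as `FT_UINT16` and would then fit better as `FT_UINT8`. Anyone reading RFC 3779 resource certificates in a capture currently sees a SAFI value that is not the one carried in the certificate.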
@@ -0,0 +1,43 @@
+#.IMPORT_TAG
+AlgorithmIdentifier BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
+Attribute BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
+AttributeTypeAndValue BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
+Certificate BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
+CertificateList BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
+CertificateSerialNumber BER_CLASS_UNI BER_UNI_TAG_INTEGER
+DirectoryString BER_CLASS_UNI BER_UNI_TAG_PrintableString
+Extension BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
+Extensions BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
+GeneralName BER_CLASS_CON -1/*choice*/
+Name BER_CLASS_ANY -1
+RDNSequence BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
+RelativeDistinguishedName BER_CLASS_UNI BER_UNI_TAG_SET
+SubjectPublicKeyInfo BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
+TeletexDomainDefinedAttribute BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
+TerminalType BER_CLASS_UNI BER_UNI_TAG_INTEGER
+Time BER_CLASS_ANY/*choice*/ -1/*choice*/
+UniqueIdentifier BER_CLASS_UNI BER_UNI_TAG_BITSTRING
+Version BER_CLASS_UNI BER_UNI_TAG_INTEGER
+#.END
+
+#.TYPE_ATTR
+Attribute TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
+AttributeTypeAndValue TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
+Certificate TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
+CertificateList TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
+CertificateSerialNumber TYPE = FT_INT32 DISPLAY = BASE_DEC STRINGS = NULL BITMASK = 0
+DirectoryString TYPE = FT_STRING DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
+Extension TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
+Extensions TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = NULL BITMASK = 0
+GeneralName TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = NULL BITMASK = 0
+Name TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = NULL BITMASK = 0
+RDNSequence TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = NULL BITMASK = 0
+RelativeDistinguishedName TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = NULL BITMASK = 0
+SubjectPublicKeyInfo TYPE = FT_NONE DISPLAY = BASE_NONE 
STRINGS = NULL BITMASK = 0
+TeletexDomainDefinedAttribute TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
+TerminalType TYPE = FT_INT32 DISPLAY = BASE_DEC STRINGS = NULL BITMASK = 0
+Time TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = VALS(pkix1explicit_Time_vals) BITMASK = 0
+UniqueIdentifier TYPE = FT_BYTES DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
+Version TYPE = FT_INT32 DISPLAY = BASE_DEC STRINGS = VALS(pkix1explicit_Version_vals) BITMASK = 0
+#.END
+ |