diff options
Diffstat (limited to 'epan/dissectors/asn1/pkcs12/pkcs12.cnf')
-rw-r--r-- | epan/dissectors/asn1/pkcs12/pkcs12.cnf | 159 |
1 files changed, 159 insertions, 0 deletions
diff --git a/epan/dissectors/asn1/pkcs12/pkcs12.cnf b/epan/dissectors/asn1/pkcs12/pkcs12.cnf new file mode 100644 index 00000000..aa078a22 --- /dev/null +++ b/epan/dissectors/asn1/pkcs12/pkcs12.cnf @@ -0,0 +1,159 @@ +# pkcs12.cnf +# PKCS12 conformation file + +#.MODULE_IMPORT +PKCS-7 cms +PKCS-5 x509af + +#.IMPORT ../cms/cms-exp.cnf +#.IMPORT ../x509if/x509if-exp.cnf +#.IMPORT ../x509af/x509af-exp.cnf + +#.EXPORTS + +#.REGISTER +KeyBag B "1.2.840.113549.1.12.10.1.1" "keyBag" +PKCS8ShroudedKeyBag B "1.2.840.113549.1.12.10.1.2" "pkcs8ShroudedKeyBag" +CertBag B "1.2.840.113549.1.12.10.1.3" "certBag" +SecretBag B "1.2.840.113549.1.12.10.1.4" "secretBag" +CRLBag B "1.2.840.113549.1.12.10.1.5" "crlBag" +SafeContents B "1.2.840.113549.1.12.10.1.6" "safeContentsBag" + +# PKCS#9 Attributes - see master list in x509sat.cnf +PFX B "2.16.840.1.113730.3.1.216" "pkcs-9-at-PKCS12" +EncryptedPrivateKeyInfo B "1.2.840.113549.1.9.25.2" "pkcs-9-at-encryptedPrivateKeyInfo" + +# Password Based Encryption +PBEParameter B "1.2.840.113549.1.12.1.1" "pbeWithSHAAnd128BitRC4" +PBEParameter B "1.2.840.113549.1.12.1.2" "pbeWithSHAAnd40BitRC4" +PBEParameter B "1.2.840.113549.1.12.1.3" "pbeWithSHAAnd3-KeyTripleDES-CBC" +PBEParameter B "1.2.840.113549.1.12.1.4" "pbeWithSHAAnd2-KeyTripleDES-CBC" +PBEParameter B "1.2.840.113549.1.12.1.5" "pbeWithSHAAnd128BitRC2-CBC" +PBEParameter B "1.2.840.113549.1.12.1.6" "pbeWithSHAAnd40BitRC2-CBC" + +PBEParameter B "1.2.840.113549.1.5.1" "pbeWithMD2AndDES-CBC" +PBEParameter B "1.2.840.113549.1.5.3" "pbeWithMD5AndDES-CBC" +PBEParameter B "1.2.840.113549.1.5.4" "pbeWithMD2AndRC2-CBC" +PBEParameter B "1.2.840.113549.1.5.6" "pbeWithMD5AndRC2-CBC" +PBEParameter B "1.2.840.113549.1.5.10" "pbeWithSHA1AndDES-CBC" +PBEParameter B "1.2.840.113549.1.5.11" "pbeWithSHA1AndRC2-CBC" + +PBKDF2Params B "1.2.840.113549.1.5.12" "id-PBKDF2" +PBES2Params B "1.2.840.113549.1.5.13" "id-PBES2" +PBMAC1Params B "1.2.840.113549.1.5.14" "id-PBMAC1" + +#.NO_EMIT + +#.TYPE_RENAME + +#.FIELD_RENAME +PrivateKeyInfo/version privateKeyVersion +PBKDF2Params/salt saltChoice + +#.PDU +#AuthenticatedSafe +PrivateKeyInfo + +#.FN_BODY PFX + dissector_handle_t dissector_handle; + + /* we change the CMS id-data dissector to dissect as AuthenticatedSafe + not sure why PKCS#12 couldn't have used its own content type OID for AuthenticatedSafe */ + dissector_handle=create_dissector_handle(dissect_AuthenticatedSafe_OCTETSTRING_PDU, proto_pkcs12); + dissector_change_string("ber.oid", "1.2.840.113549.1.7.1", dissector_handle); + + %(DEFAULT_BODY)s + + /* restore the original dissector */ + dissector_reset_string("ber.oid", "1.2.840.113549.1.7.1"); + +#.FN_BODY AuthenticatedSafe + dissector_handle_t dissector_handle; + + /* we change the CMS id-data dissector to dissect as SafeContents */ + dissector_handle=create_dissector_handle(dissect_SafeContents_OCTETSTRING_PDU, proto_pkcs12); + dissector_change_string("ber.oid", "1.2.840.113549.1.7.1", dissector_handle); + + %(DEFAULT_BODY)s + + /* restore the original dissector */ + dissector_reset_string("ber.oid", "1.2.840.113549.1.7.1"); + +#.FN_PARS SafeBag/bagId FN_VARIANT = _str VAL_PTR = &object_identifier_id +#.FN_FTR SafeBag/bagId + append_oid(actx->pinfo->pool, tree, object_identifier_id); +#.END + +#.FN_PARS CertBag/certId FN_VARIANT = _str VAL_PTR = &object_identifier_id +#.FN_FTR CertBag/certId + append_oid(actx->pinfo->pool, tree, object_identifier_id); +#.END + +#.FN_PARS CRLBag/crlId FN_VARIANT = _str VAL_PTR = &object_identifier_id +#.FN_FTR CRLBag/crlId + append_oid(actx->pinfo->pool, tree, object_identifier_id); +#.END + +#.FN_PARS SecretBag/secretTypeId FN_VARIANT = _str VAL_PTR = &object_identifier_id +#.FN_FTR SecretBag/secretTypeId + append_oid(actx->pinfo->pool, tree, object_identifier_id); +#.END + +#.FN_PARS PKCS12Attribute/attrId FN_VARIANT = _str VAL_PTR = &object_identifier_id +#.FN_FTR PKCS12Attribute/attrId + append_oid(actx->pinfo->pool, tree, object_identifier_id); +#.END + +#.FN_BODY SafeBag/bagValue + if(object_identifier_id) + offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL); + +#.FN_BODY PKCS12Attribute/attrValues/_item + if(object_identifier_id) + offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL); + +#.FN_BODY CertBag/certValue + if(object_identifier_id) + offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL); + +#.FN_BODY CRLBag/crlValue + if(object_identifier_id) + offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL); + +#.FN_BODY SecretBag/secretValue + if(object_identifier_id) + offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL); + +#.FN_HDR PBEParameter + /* initialise the encryption parameters */ + PBE_reset_parameters(); + +#.END + +#.FN_PARS OCTET_STRING VAL_PTR = (hf_index == hf_pkcs12_salt ? &salt : NULL) +#.FN_PARS INTEGER VAL_PTR = (hf_index == hf_pkcs12_iterationCount ? &iteration_count : NULL) + +#.FN_PARS EncryptedData VAL_PTR = &encrypted_tvb + +#.FN_HDR EncryptedData + tvbuff_t *encrypted_tvb; + dissector_handle_t dissector_handle; + +#.END + +#.FN_FTR EncryptedData + + + + dissector_handle=create_dissector_handle(dissect_PrivateKeyInfo_PDU, proto_pkcs12); + dissector_change_string("ber.oid", object_identifier_id, dissector_handle); + + PBE_decrypt_data(object_identifier_id, encrypted_tvb, actx->pinfo, actx, actx->created_item); + + /* restore the original dissector */ + dissector_reset_string("ber.oid", object_identifier_id); + +#.END + + + |