From e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 10 Apr 2024 22:34:10 +0200 Subject: Adding upstream version 4.2.2. Signed-off-by: Daniel Baumann --- epan/dissectors/asn1/cms/cms.cnf | 293 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 293 insertions(+) create mode 100644 epan/dissectors/asn1/cms/cms.cnf (limited to 'epan/dissectors/asn1/cms/cms.cnf') diff --git a/epan/dissectors/asn1/cms/cms.cnf b/epan/dissectors/asn1/cms/cms.cnf new file mode 100644 index 00000000..77da3143 --- /dev/null +++ b/epan/dissectors/asn1/cms/cms.cnf @@ -0,0 +1,293 @@ +# CMS.cnf +# CMS conformation file + +#.IMPORT ../x509af/x509af-exp.cnf +#.IMPORT ../x509ce/x509ce-exp.cnf +#.IMPORT ../x509if/x509if-exp.cnf +#.IMPORT ../x509sat/x509sat-exp.cnf + +#.OMIT_ASSIGNMENT +CBCParameter +ExtendedCertificateOrCertificate +#.END + +#.EXPORTS +ContentInfo +ContentType +Countersignature +Digest +DigestAlgorithmIdentifier +DigestAlgorithmIdentifiers +DigestInfo +EncapsulatedContentInfo +EnvelopedData +AuthEnvelopedData +IssuerAndSerialNumber +SignedAttributes +SignedData +SignerIdentifier +SignerInfo +SignerInfos +SignatureValue +UnsignedAttributes + +#.REGISTER +ContentInfo B "1.2.840.113549.1.9.16.1.6" "id-ct-contentInfo" +#OctetString B "1.2.840.113549.1.7.1" "id-data" see x509sat.cnf +SignedData B "1.2.840.113549.1.7.2" "id-signedData" +EnvelopedData B "1.2.840.113549.1.7.3" "id-envelopedData" +DigestedData B "1.2.840.113549.1.7.5" "id-digestedData" +EncryptedData B "1.2.840.113549.1.7.6" "id-encryptedData" +AuthenticatedData B "1.2.840.113549.1.9.16.1.2" "id-ct-authenticatedData" +EncryptedContentInfo B "1.2.840.113549.1.9.16.1.9" "id-ct-compressedData" +AuthEnvelopedData B "1.2.840.113549.1.9.16.1.23" "id-ct-authEnvelopedData" + +ContentType B "1.2.840.113549.1.9.3" "id-contentType" +MessageDigest B "1.2.840.113549.1.9.4" "id-messageDigest" +SigningTime B "1.2.840.113549.1.9.5" "id-signingTime" +Countersignature B "1.2.840.113549.1.9.6" "id-counterSignature" + +ContentInfo B "2.6.1.4.18" "id-et-pkcs7" + +IssuerAndSerialNumber B "1.3.6.1.4.1.311.16.4" "ms-oe-encryption-key-preference" +SMIMECapabilities B "1.2.840.113549.1.9.15" "id-smime-capabilities" +SMIMEEncryptionKeyPreference B "1.2.840.113549.1.9.16.2.11" "id-encryption-key-preference" + +# I think the following should be RC2CBCParameter - but that appears to be incorrect +RC2CBCParameters B "1.2.840.113549.3.4" "id-alg-rc4" + +KeyEncryptionAlgorithmIdentifier B "0.4.0.127.0.7.1.1.5.1.1.3" "ecka-eg-X963KDF-SHA256" +KeyEncryptionAlgorithmIdentifier B "0.4.0.127.0.7.1.1.5.1.1.4" "ecka-eg-X963KDF-SHA384" +KeyEncryptionAlgorithmIdentifier B "0.4.0.127.0.7.1.1.5.1.1.5" "ecka-eg-X963KDF-SHA512" + +KeyEncryptionAlgorithmIdentifier B "2.16.840.1.101.3.4.1.5" "id-aes128-wrap" +KeyEncryptionAlgorithmIdentifier B "2.16.840.1.101.3.4.1.25" "id-aes192-wrap" +KeyEncryptionAlgorithmIdentifier B "2.16.840.1.101.3.4.1.45" "id-aes256-wrap" + +GCMParameters B "2.16.840.1.101.3.4.1.6" "id-aes128-GCM" +GCMParameters B "2.16.840.1.101.3.4.1.26" "id-aes192-GCM" +GCMParameters B "2.16.840.1.101.3.4.1.46" "id-aes256-GCM" + +CCMParameters B "2.16.840.1.101.3.4.1.7" "id-aes128-CCM" +CCMParameters B "2.16.840.1.101.3.4.1.27" "id-aes192-CCM" +CCMParameters B "2.16.840.1.101.3.4.1.44" "id-aes256-CCM" + +# EC algorithms from RFC 3278 / RFC 5753 +KeyWrapAlgorithm B "1.3.133.16.840.63.0.2" "dhSinglePass-stdDH-sha1kdf-scheme" +KeyWrapAlgorithm B "1.3.132.1.11.0" "dhSinglePass-stdDH-sha224kdf-scheme" +KeyWrapAlgorithm B "1.3.132.1.11.1" "dhSinglePass-stdDH-sha256kdf-scheme" +KeyWrapAlgorithm B "1.3.132.1.11.2" "dhSinglePass-stdDH-sha384kdf-scheme" +KeyWrapAlgorithm B "1.3.132.1.11.3" "dhSinglePass-stdDH-sha512kdf-scheme" +KeyWrapAlgorithm B "1.3.133.16.840.63.0.3" "dhSinglePass-cofactorDH-sha1kdf-scheme" +KeyWrapAlgorithm B "1.3.132.1.14.0" "dhSinglePass-cofactorDH-sha224kdf-scheme" +KeyWrapAlgorithm B "1.3.132.1.14.1" "dhSinglePass-cofactorDH-sha256kdf-scheme" +KeyWrapAlgorithm B "1.3.132.1.14.2" "dhSinglePass-cofactorDH-sha384kdf-scheme" +KeyWrapAlgorithm B "1.3.132.1.14.3" "dhSinglePass-cofactorDH-sha512kdf-scheme" +KeyWrapAlgorithm B "1.3.133.16.840.63.0.16" "mqvSinglePass-sha1kdf-scheme" +KeyWrapAlgorithm B "1.3.132.1.15.0" "mqvSinglePass-sha224kdf-scheme" +KeyWrapAlgorithm B "1.3.132.1.15.1" "mqvSinglePass-sha256kdf-scheme" +KeyWrapAlgorithm B "1.3.132.1.15.2" "mqvSinglePass-sha384kdf-scheme" +KeyWrapAlgorithm B "1.3.132.1.15.3" "mqvSinglePass-sha512kdf-scheme" + +# RFC 3370 [CMS-ASN] (and RFC 5911 section 3) +# - section 4.3.1 - registered in packet-cms-template.c +# NULL B "1.2.840.113549.1.9.16.3.6" "id-alg-CMS3DESwrap" +# - section 4.3.2 +RC2WrapParameter B "1.2.840.113549.1.9.16.3.7" "id-alg-CMSRC2-wrap" +# - section 4.4.1 - PBKDF2-params defined in PKCS#5 / RFC 8018 - not yet implemented +# PBKDF2-params B "1.2.840.113549.1.5.12" "id-PBKDF2" +# - section 5.1 +IV B "1.2.840.113549.3.7" "des-ede3-cbc" +# - section 5.2 +RC2CBCParameters B "1.2.840.113549.3.2" "rc2-cbc" + +# RFC 2798 Attributes - see master list in x509sat.cnf +SignedData B "2.16.840.1.113730.3.1.40" "userSMIMECertificate" + +# RFC 4108 Attributes (in CMSFirmwareWrapper.asn) +FirmwarePkgData B "1.2.840.113549.1.9.16.1.16" "id-ct-firmwarePackage" +FirmwarePackageIdentifier B "1.2.840.113549.1.9.16.2.35" "id-aa-firmwarePackageID" +TargetHardwareIdentifiers B "1.2.840.113549.1.9.16.2.36" "id-aa-targetHardwareIDs" +DecryptKeyIdentifier B "1.2.840.113549.1.9.16.2.37" "id-aa-decryptKeyID" +ImplementedCryptoAlgorithms B "1.2.840.113549.1.9.16.2.38" "id-aa-implCryptoAlgs" +ImplementedCompressAlgorithms B "1.2.840.113549.1.9.16.2.43" "id-aa-implCompressAlgs" +CommunityIdentifiers B "1.2.840.113549.1.9.16.2.40" "id-aa-communityIdentifiers" +FirmwarePackageInfo B "1.2.840.113549.1.9.16.2.42" "id-aa-firmwarePackageInfo" +WrappedFirmwareKey B "1.2.840.113549.1.9.16.2.39" "id-aa-wrappedFirmwareKey" +FirmwarePackageLoadReceipt B "1.2.840.113549.1.9.16.1.17" "id-ct-firmwareLoadReceipt" +FirmwarePackageLoadError B "1.2.840.113549.1.9.16.1.18" "id-ct-firmwareLoadError" +HardwareModuleName B "1.3.6.1.5.5.7.8.4" "id-on-hardwareModuleName" +FirmwarePackageMessageDigest B "1.2.840.113549.1.9.16.2.41" "id-aa-fwPkgMessageDigest" + +#.NO_EMIT + +#.TYPE_RENAME + +#.FIELD_RENAME +SignerInfo/signature signatureValue +RecipientEncryptedKey/rid rekRid +EncryptedContentInfo/contentType encryptedContentType +AttributeCertificateV1/signature signatureValue_v1 +AttributeCertificateV1/signatureAlgorithm signatureAlgorithm_v1 +AttributeCertificateInfoV1/attributes attributes_v1 +AttributeCertificateInfoV1/issuer issuer_v1 +AttributeCertificateInfoV1/signature signature_v1 +AttributeCertificateInfoV1/version version_v1 +RevocationInfoChoice/other otherRIC +FirmwarePackageLoadReceipt/version fwReceiptVersion +FirmwarePackageLoadError/version fwErrorVersion + +#.FN_BODY ContentInfo + top_tree = tree; + %(DEFAULT_BODY)s + top_tree = NULL; + +#.FN_PARS ContentType + FN_VARIANT = _str VAL_PTR = &cms_data->object_identifier_id + +#.FN_BODY ContentType + struct cms_private_data *cms_data = cms_get_private_data(actx->pinfo); + cms_data->object_identifier_id = NULL; + const char *name = NULL; + + %(DEFAULT_BODY)s + + if(cms_data->object_identifier_id) { + name = oid_resolved_from_string(actx->pinfo->pool, cms_data->object_identifier_id); + proto_item_append_text(tree, " (%%s)", name ? name : cms_data->object_identifier_id); + } + +#.FN_BODY ContentInfo/content + struct cms_private_data *cms_data = cms_get_private_data(actx->pinfo); + offset=call_ber_oid_callback(cms_data->object_identifier_id, tvb, offset, actx->pinfo, tree, NULL); + + +#.FN_BODY EncapsulatedContentInfo/eContent + struct cms_private_data *cms_data = cms_get_private_data(actx->pinfo); + cms_data->content_tvb = NULL; + offset = dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, &cms_data->content_tvb); + + if(cms_data->content_tvb) { + proto_item_set_text(actx->created_item, "eContent (%%u bytes)", tvb_reported_length(cms_data->content_tvb)); + + call_ber_oid_callback(cms_data->object_identifier_id, cms_data->content_tvb, 0, actx->pinfo, top_tree ? top_tree : tree, NULL); + } + +#.FN_PARS OtherRecipientInfo/oriType + FN_VARIANT = _str VAL_PTR = &cms_data->object_identifier_id + +#.FN_HDR OtherRecipientInfo/oriType + struct cms_private_data *cms_data = cms_get_private_data(actx->pinfo); + cms_data->object_identifier_id = NULL; + +#.FN_BODY OtherRecipientInfo/oriValue + struct cms_private_data *cms_data = cms_get_private_data(actx->pinfo); + offset=call_ber_oid_callback(cms_data->object_identifier_id, tvb, offset, actx->pinfo, tree, NULL); + +#.FN_PARS OtherKeyAttribute/keyAttrId + FN_VARIANT = _str HF_INDEX = hf_cms_ci_contentType VAL_PTR = &cms_data->object_identifier_id + +#.FN_HDR OtherKeyAttribute/keyAttrId + struct cms_private_data *cms_data = cms_get_private_data(actx->pinfo); + cms_data->object_identifier_id = NULL; + +#.FN_BODY OtherKeyAttribute/keyAttr + struct cms_private_data *cms_data = cms_get_private_data(actx->pinfo); + offset=call_ber_oid_callback(cms_data->object_identifier_id, tvb, offset, actx->pinfo, tree, NULL); + +#.FN_PARS OtherRevocationInfoFormat/otherRevInfoFormat + FN_VARIANT = _str VAL_PTR = &cms_data->object_identifier_id + +#.FN_HDR OtherRevocationInfoFormat/otherRevInfoFormat + struct cms_private_data *cms_data = cms_get_private_data(actx->pinfo); + cms_data->object_identifier_id = NULL; + +#.FN_BODY OtherRevocationInfoFormat/otherRevInfo + struct cms_private_data *cms_data = cms_get_private_data(actx->pinfo); + offset=call_ber_oid_callback(cms_data->object_identifier_id, tvb, offset, actx->pinfo, tree, NULL); + +#.FN_PARS Attribute/attrType + FN_VARIANT = _str HF_INDEX = hf_cms_attrType VAL_PTR = &cms_data->object_identifier_id + +#.FN_BODY Attribute/attrType + struct cms_private_data *cms_data = cms_get_private_data(actx->pinfo); + cms_data->object_identifier_id = NULL; + const char *name = NULL; + + %(DEFAULT_BODY)s + + if(cms_data->object_identifier_id) { + name = oid_resolved_from_string(actx->pinfo->pool, cms_data->object_identifier_id); + proto_item_append_text(tree, " (%%s)", name ? name : cms_data->object_identifier_id); + } + +#.FN_BODY AttributeValue + struct cms_private_data *cms_data = cms_get_private_data(actx->pinfo); + + offset=call_ber_oid_callback(cms_data->object_identifier_id, tvb, offset, actx->pinfo, tree, NULL); + +#.FN_BODY MessageDigest + struct cms_private_data *cms_data = cms_get_private_data(actx->pinfo); + proto_item *pi; + int old_offset = offset; + + %(DEFAULT_BODY)s + + pi = actx->created_item; + + /* move past TLV */ + old_offset = get_ber_identifier(tvb, old_offset, NULL, NULL, NULL); + old_offset = get_ber_length(tvb, old_offset, NULL, NULL); + + if(cms_data->content_tvb) + cms_verify_msg_digest(pi, cms_data->content_tvb, x509af_get_last_algorithm_id(), tvb, old_offset); + +#.FN_PARS SMIMECapability/capability + FN_VARIANT = _str HF_INDEX = hf_cms_attrType VAL_PTR = &cms_data->object_identifier_id + +#.FN_BODY SMIMECapability/capability + struct cms_private_data *cms_data = cms_get_private_data(actx->pinfo); + cms_data->object_identifier_id = NULL; + const char *name = NULL; + + %(DEFAULT_BODY)s + + if(cms_data->object_identifier_id) { + name = oid_resolved_from_string(actx->pinfo->pool, cms_data->object_identifier_id); + proto_item_append_text(tree, " %%s", name ? name : cms_data->object_identifier_id); + cap_tree = tree; + } + +#.FN_BODY SMIMECapability/parameters + struct cms_private_data *cms_data = cms_get_private_data(actx->pinfo); + + offset=call_ber_oid_callback(cms_data->object_identifier_id, tvb, offset, actx->pinfo, tree, NULL); + +#.FN_PARS RC2ParameterVersion + VAL_PTR = &length + +#.FN_BODY RC2ParameterVersion + guint32 length = 0; + + %(DEFAULT_BODY)s + + if(cap_tree != NULL) + proto_item_append_text(cap_tree, " (%%d bits)", length); + +#.FN_PARS EncryptedContent VAL_PTR = &encrypted_tvb + +#.FN_HDR EncryptedContent + tvbuff_t *encrypted_tvb; + proto_item *item; +#.END + +#.FN_FTR EncryptedContent + struct cms_private_data *cms_data = cms_get_private_data(actx->pinfo); + + item = actx->created_item; + + PBE_decrypt_data(cms_data->object_identifier_id, encrypted_tvb, actx->pinfo, actx, item); + +#.END + + -- cgit v1.2.3