From e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 10 Apr 2024 22:34:10 +0200 Subject: Adding upstream version 4.2.2. Signed-off-by: Daniel Baumann --- epan/dissectors/asn1/x509sat/CMakeLists.txt | 44 + .../asn1/x509sat/SelectedAttributeTypes.asn | 1491 ++++++++++++++++++++ .../asn1/x509sat/packet-x509sat-template.c | 110 ++ .../asn1/x509sat/packet-x509sat-template.h | 18 + epan/dissectors/asn1/x509sat/x509sat.cnf | 421 ++++++ 5 files changed, 2084 insertions(+) create mode 100644 epan/dissectors/asn1/x509sat/CMakeLists.txt create mode 100644 epan/dissectors/asn1/x509sat/SelectedAttributeTypes.asn create mode 100644 epan/dissectors/asn1/x509sat/packet-x509sat-template.c create mode 100644 epan/dissectors/asn1/x509sat/packet-x509sat-template.h create mode 100644 epan/dissectors/asn1/x509sat/x509sat.cnf (limited to 'epan/dissectors/asn1/x509sat') diff --git a/epan/dissectors/asn1/x509sat/CMakeLists.txt b/epan/dissectors/asn1/x509sat/CMakeLists.txt new file mode 100644 index 00000000..66e5a873 --- /dev/null +++ b/epan/dissectors/asn1/x509sat/CMakeLists.txt @@ -0,0 +1,44 @@ +# CMakeLists.txt +# +# Wireshark - Network traffic analyzer +# By Gerald Combs +# Copyright 1998 Gerald Combs +# +# SPDX-License-Identifier: GPL-2.0-or-later +# + +set( PROTOCOL_NAME x509sat ) + +set( PROTO_OPT ) + +set( EXPORT_FILES + ${PROTOCOL_NAME}-exp.cnf +) + +set( EXT_ASN_FILE_LIST +) + +set( ASN_FILE_LIST + SelectedAttributeTypes.asn +) + +set( EXTRA_DIST + ${ASN_FILE_LIST} + packet-${PROTOCOL_NAME}-template.c + packet-${PROTOCOL_NAME}-template.h + ${PROTOCOL_NAME}.cnf +) + +set( SRC_FILES + ${EXTRA_DIST} + ${EXT_ASN_FILE_LIST} +) + +set( A2W_FLAGS -b -r Syntax ) + +set( EXTRA_CNF + "${CMAKE_CURRENT_BINARY_DIR}/../x509if/x509if-exp.cnf" + "${CMAKE_CURRENT_BINARY_DIR}/../p1/p1-exp.cnf" +) + +ASN2WRS() diff --git a/epan/dissectors/asn1/x509sat/SelectedAttributeTypes.asn b/epan/dissectors/asn1/x509sat/SelectedAttributeTypes.asn new file mode 100644 index 00000000..190226f5 --- /dev/null +++ b/epan/dissectors/asn1/x509sat/SelectedAttributeTypes.asn @@ -0,0 +1,1491 @@ +-- Module SelectedAttributeTypes (X.520:08/1997) + +SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1) + selectedAttributeTypes(5) 3} DEFINITIONS ::= +BEGIN + +-- EXPORTS All +-- The types and values defined in this module are exported for use in the other ASN.1 modules contained +-- within the Directory Specifications, and for the use of other applications which will use them to access +-- Directory services. Other applications may use them for their own purposes, but this will not constrain +-- extensions and modifications needed to maintain or improve the Directory service. +IMPORTS + informationFramework, upperBounds, id-mr, id-avc, + directoryAbstractService, id-pr, id-not, id-cat + FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1) + usefulDefinitions(0) 3} + Attribute, ATTRIBUTE, MATCHING-RULE, AttributeType, OBJECT-CLASS, + DistinguishedName, objectIdentifierMatch, distinguishedNameMatch, + CONTEXT, ContextAssertion, AttributeCombination, ContextCombination, + MAPPING-BASED-MATCHING, MRMapping, AttributeValueAssertion + FROM InformationFramework informationFramework + G3FacsimileNonBasicParameters + FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0) + mts-abstract-service(1) version-1999(1)} + ub-answerback, ub-name, ub-common-name, ub-surname, ub-serial-number, + ub-locality-name, ub-state-name, ub-street-address, ub-organization-name, + ub-organizational-unit-name, ub-title, ub-description, + ub-business-category, ub-postal-line, ub-postal-string, ub-postal-code, + ub-post-office-box, ub-physical-office-name, ub-telex-number, + ub-country-code, ub-teletex-terminal-id, ub-telephone-number, + ub-x121-address, ub-international-isdn-number, ub-destination-indicator, + ub-user-password, ub-match, ub-knowledge-information, + ub-directory-string-first-component-match, ub-localeContextSyntax, + ub-pseudonym + FROM UpperBounds upperBounds + FilterItem, HierarchySelections, SearchControlOptions, ServiceControlOptions + FROM DirectoryAbstractService directoryAbstractService; + +-- Directory string type +--This one is much better declared as this, it is prettier at least +--the octet string dissector can handle all of them +--DirectoryString ::= PrintableString + +DirectoryString ::= CHOICE { + teletexString TeletexString, + printableString PrintableString, + universalString UniversalString, + bmpString BMPString, + uTF8String UTF8String +} + + +-- Attribute types + knowledgeInformation ATTRIBUTE ::= { + WITH SYNTAX DirectoryString {ub-knowledge-information} + EQUALITY MATCHING RULE caseIgnoreMatch + ID id-at-knowledgeInformation + } + + name ATTRIBUTE ::= { + WITH SYNTAX DirectoryString {ub-name} + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-name + } + + commonName ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-common-name} + ID id-at-commonName + } + + surname ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-surname} + ID id-at-surname + } + + givenName ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-name} + ID id-at-givenName + } + + initials ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-name} + ID id-at-initials + } + + generationQualifier ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-name} + ID id-at-generationQualifier + } + + uniqueIdentifier ATTRIBUTE ::= { + WITH SYNTAX UniqueIdentifier + EQUALITY MATCHING RULE bitStringMatch + ID id-at-uniqueIdentifier + } + +UniqueIdentifier ::= BIT STRING + + dnQualifier ATTRIBUTE ::= { + WITH SYNTAX PrintableString + EQUALITY MATCHING RULE caseIgnoreMatch + ORDERING MATCHING RULE caseIgnoreOrderingMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-dnQualifier + } + + serialNumber ATTRIBUTE ::= { + WITH SYNTAX PrintableString(SIZE (1..ub-serial-number)) + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-serialNumber + } + + pseudonym ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-pseudonym} + ID id-at-pseudonym + } + + countryName ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX CountryName + SINGLE VALUE TRUE + ID id-at-countryName + } + +CountryName ::= PrintableString +-- ISO 3166 codes only + + + localityName ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-locality-name} + ID id-at-localityName + } + + collectiveLocalityName ATTRIBUTE ::= { + SUBTYPE OF localityName + COLLECTIVE TRUE + ID id-at-collectiveLocalityName + } + + stateOrProvinceName ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-state-name} + ID id-at-stateOrProvinceName + } + + collectiveStateOrProvinceName ATTRIBUTE ::= { + SUBTYPE OF stateOrProvinceName + COLLECTIVE TRUE + ID id-at-collectiveStateOrProvinceName + } + + streetAddress ATTRIBUTE ::= { + WITH SYNTAX DirectoryString {ub-street-address} + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-streetAddress + } + + collectiveStreetAddress ATTRIBUTE ::= { + SUBTYPE OF streetAddress + COLLECTIVE TRUE + ID id-at-collectiveStreetAddress + } + + houseIdentifier ATTRIBUTE ::= { + WITH SYNTAX DirectoryString {ub-name} + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-houseIdentifier + } + + organizationName ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-organization-name} + ID id-at-organizationName + } + + collectiveOrganizationName ATTRIBUTE ::= { + SUBTYPE OF organizationName + COLLECTIVE TRUE + ID id-at-collectiveOrganizationName + } + + organizationalUnitName ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-organizational-unit-name} + ID id-at-organizationalUnitName + } + + collectiveOrganizationalUnitName ATTRIBUTE ::= { + SUBTYPE OF organizationalUnitName + COLLECTIVE TRUE + ID id-at-collectiveOrganizationalUnitName + } + + title ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-title} + ID id-at-title + } + + description ATTRIBUTE ::= { + WITH SYNTAX DirectoryString {ub-description} + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-description + } + + searchGuide ATTRIBUTE ::= {WITH SYNTAX Guide + ID id-at-searchGuide + } + + +Guide ::= SET { + objectClass [0] OBJECT IDENTIFIER OPTIONAL, + criteria [1] Criteria +} + +Criteria ::= CHOICE { + type [0] CriteriaItem, + and [1] SET OF Criteria, + or [2] SET OF Criteria, + not [3] Criteria +} + +CriteriaItem ::= CHOICE { + equality [0] AttributeType, + substrings [1] AttributeType, + greaterOrEqual [2] AttributeType, + lessOrEqual [3] AttributeType, + approximateMatch [4] AttributeType +} + + enhancedSearchGuide ATTRIBUTE ::= { + WITH SYNTAX EnhancedGuide + ID id-at-enhancedSearchGuide + } + +EnhancedGuide ::= SEQUENCE { + objectClass [0] OBJECT IDENTIFIER, + criteria [1] Criteria, + subset [2] INTEGER {baseObject(0), oneLevel(1), wholeSubtree(2)} OPTIONAL +} + + businessCategory ATTRIBUTE ::= { + WITH SYNTAX DirectoryString {ub-business-category} + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-businessCategory + } + + postalAddress ATTRIBUTE ::= { + WITH SYNTAX PostalAddress + EQUALITY MATCHING RULE caseIgnoreListMatch + SUBSTRINGS MATCHING RULE caseIgnoreListSubstringsMatch + ID id-at-postalAddress + } + +PostalAddress ::= SEQUENCE OF DirectoryString + + collectivePostalAddress ATTRIBUTE ::= { + SUBTYPE OF postalAddress + COLLECTIVE TRUE + ID id-at-collectivePostalAddress + } + + postalCode ATTRIBUTE ::= { + WITH SYNTAX DirectoryString {ub-postal-code} + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-postalCode + } + + collectivePostalCode ATTRIBUTE ::= { + SUBTYPE OF postalCode + COLLECTIVE TRUE + ID id-at-collectivePostalCode + } + + postOfficeBox ATTRIBUTE ::= { + WITH SYNTAX DirectoryString {ub-post-office-box} + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-postOfficeBox + } + + collectivePostOfficeBox ATTRIBUTE ::= { + SUBTYPE OF postOfficeBox + COLLECTIVE TRUE + ID id-at-collectivePostOfficeBox + } + + physicalDeliveryOfficeName ATTRIBUTE ::= { + WITH SYNTAX DirectoryString {ub-physical-office-name} + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-physicalDeliveryOfficeName + } + + collectivePhysicalDeliveryOfficeName ATTRIBUTE ::= { + SUBTYPE OF physicalDeliveryOfficeName + COLLECTIVE TRUE + ID id-at-collectivePhysicalDeliveryOfficeName + } + + telephoneNumber ATTRIBUTE ::= { + WITH SYNTAX TelephoneNumber + EQUALITY MATCHING RULE telephoneNumberMatch + SUBSTRINGS MATCHING RULE telephoneNumberSubstringsMatch + ID id-at-telephoneNumber + } + +TelephoneNumber ::= PrintableString + +-- String complying with CCITT Rec. E.123 only + collectiveTelephoneNumber ATTRIBUTE ::= { + SUBTYPE OF telephoneNumber + COLLECTIVE TRUE + ID id-at-collectiveTelephoneNumber + } + + telexNumber ATTRIBUTE ::= { + WITH SYNTAX TelexNumber + ID id-at-telexNumber + } + +TelexNumber ::= SEQUENCE { + telexNumber PrintableString, + countryCode PrintableString, + answerback PrintableString +} + + collectiveTelexNumber ATTRIBUTE ::= { + SUBTYPE OF telexNumber + COLLECTIVE TRUE + ID id-at-collectiveTelexNumber + } + + facsimileTelephoneNumber ATTRIBUTE ::= { + WITH SYNTAX FacsimileTelephoneNumber + EQUALITY MATCHING RULE facsimileNumberMatch + SUBSTRINGS MATCHING RULE facsimileNumberSubstringsMatch + ID id-at-facsimileTelephoneNumber + } + + facsimileNumberMatch MATCHING-RULE ::= { + SYNTAX TelephoneNumber + ID id-mr-facsimileNumberMatch + } + + facsimileNumberSubstringsMatch MATCHING-RULE ::= { + SYNTAX SubstringAssertion + ID id-mr-facsimileNumberSubstringsMatch + } + +FacsimileTelephoneNumber ::= SEQUENCE { + telephoneNumber TelephoneNumber, + parameters G3FacsimileNonBasicParameters OPTIONAL +} + + collectiveFacsimileTelephoneNumber ATTRIBUTE ::= { + SUBTYPE OF facsimileTelephoneNumber + COLLECTIVE TRUE + ID id-at-collectiveFacsimileTelephoneNumber + } + + x121Address ATTRIBUTE ::= { + WITH SYNTAX X121Address + EQUALITY MATCHING RULE numericStringMatch + SUBSTRINGS MATCHING RULE numericStringSubstringsMatch + ID id-at-x121Address + } + +X121Address ::= NumericString + +-- String as defined by ITU-T Rec. X.121 + internationalISDNNumber ATTRIBUTE ::= { + WITH SYNTAX InternationalISDNNumber + EQUALITY MATCHING RULE numericStringMatch + SUBSTRINGS MATCHING RULE numericStringSubstringsMatch + ID id-at-internationalISDNNumber + } + +InternationalISDNNumber ::= NumericString + +-- String complying with ITU-T Rec. E.164 only + collectiveInternationalISDNNumber ATTRIBUTE ::= { + SUBTYPE OF internationalISDNNumber + COLLECTIVE TRUE + ID id-at-collectiveInternationalISDNNumber + } + + registeredAddress ATTRIBUTE ::= { + SUBTYPE OF postalAddress + WITH SYNTAX PostalAddress + ID id-at-registeredAddress + } + + destinationIndicator ATTRIBUTE ::= { + WITH SYNTAX DestinationIndicator + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-destinationIndicator + } + +DestinationIndicator ::= PrintableString + + communicationsService ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + ID id-at-communicationsService + } + + communicationsNetwork ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + SINGLE VALUE TRUE + ID id-at-communicationsNetwork + } + +-- alphabetical characters only + preferredDeliveryMethod ATTRIBUTE ::= { + WITH SYNTAX PreferredDeliveryMethod + SINGLE VALUE TRUE + ID id-at-preferredDeliveryMethod + } + +PreferredDeliveryMethod ::= SEQUENCE OF + INTEGER {any-delivery-method(0), mhs-delivery(1), physical-delivery(2), + telex-delivery(3), teletex-delivery(4), g3-facsimile-delivery(5), + g4-facsimile-delivery(6), ia5-terminal-delivery(7), + videotex-delivery(8), telephone-delivery(9)} + + presentationAddress ATTRIBUTE ::= { + WITH SYNTAX PresentationAddress + EQUALITY MATCHING RULE presentationAddressMatch + SINGLE VALUE TRUE + ID id-at-presentationAddress + } + +PresentationAddress ::= SEQUENCE { + pSelector [0] OCTET STRING OPTIONAL, + sSelector [1] OCTET STRING OPTIONAL, + tSelector [2] OCTET STRING OPTIONAL, + nAddresses [3] SET OF OCTET STRING +} + + supportedApplicationContext ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + ID id-at-supportedApplicationContext + } + + protocolInformation ATTRIBUTE ::= { + WITH SYNTAX ProtocolInformation + EQUALITY MATCHING RULE protocolInformationMatch + ID id-at-protocolInformation + } + +ProtocolInformation ::= SEQUENCE { + nAddress OCTET STRING, + profiles SET OF OBJECT IDENTIFIER +} + + distinguishedName ATTRIBUTE ::= { + WITH SYNTAX DistinguishedName + EQUALITY MATCHING RULE distinguishedNameMatch + ID id-at-distinguishedName + } + + member ATTRIBUTE ::= {SUBTYPE OF distinguishedName + ID id-at-member + } + + uniqueMember ATTRIBUTE ::= { + WITH SYNTAX NameAndOptionalUID + EQUALITY MATCHING RULE uniqueMemberMatch + ID id-at-uniqueMember + } + +NameAndOptionalUID ::= SEQUENCE { + dn DistinguishedName, + uid UniqueIdentifier OPTIONAL +} + + owner ATTRIBUTE ::= {SUBTYPE OF distinguishedName + ID id-at-owner + } + + roleOccupant ATTRIBUTE ::= { + SUBTYPE OF distinguishedName + ID id-at-roleOccupant + } + + seeAlso ATTRIBUTE ::= {SUBTYPE OF distinguishedName + ID id-at-seeAlso + } + + dmdName ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-common-name} + ID id-at-dmdName + } + + dSAProblem ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + ID id-not-dSAProblem + } + + searchServiceProblem ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + SINGLE VALUE TRUE + ID id-not-searchServiceProblem + } + + serviceType ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + SINGLE VALUE TRUE + ID id-not-serviceType + } + + attributeTypeList ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + ID id-not-attributeTypeList + } + + filterItem ATTRIBUTE ::= { + WITH SYNTAX FilterItem + ID id-not-filterItem + } + + attributeCombinations ATTRIBUTE ::= { + WITH SYNTAX AttributeCombination + ID id-not-attributeCombinations + } + + contextTypeList ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + ID id-not-contextTypeList + } + + contextList ATTRIBUTE ::= { + WITH SYNTAX ContextAssertion + ID id-not-contextList + } + + hierarchySelectList ATTRIBUTE ::= { + WITH SYNTAX HierarchySelections + SINGLE VALUE TRUE + ID id-not-hierarchySelectList + } + + searchOptionsList ATTRIBUTE ::= { + WITH SYNTAX SearchControlOptions + SINGLE VALUE TRUE + ID id-not-searchOptionsList + } + + serviceControlOptionsList ATTRIBUTE ::= { + WITH SYNTAX ServiceControlOptions + SINGLE VALUE TRUE + ID id-not-serviceControlOptionsList + } + + multipleMatchingLocalities ATTRIBUTE ::= { + WITH SYNTAX MultipleMatchingLocalities + ID id-not-multipleMatchingLocalities + } + +MultipleMatchingLocalities ::= SEQUENCE { + matchingRuleUsed OBJECT IDENTIFIER OPTIONAL, + attributeList SEQUENCE OF AttributeValueAssertion +} + + proposedRelaxation ATTRIBUTE ::= { + WITH SYNTAX SEQUENCE OF MRMapping + ID id-not-proposedRelaxation + } + + appliedRelaxation ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + ID id-not-appliedRelaxation + } + +-- Matching rules + caseIgnoreMatch MATCHING-RULE ::= { + SYNTAX DirectoryString {ub-match} + ID id-mr-caseIgnoreMatch + } + + caseIgnoreOrderingMatch MATCHING-RULE ::= { + SYNTAX DirectoryString {ub-match} + ID id-mr-caseIgnoreOrderingMatch + } + + caseIgnoreSubstringsMatch MATCHING-RULE ::= { + SYNTAX SubstringAssertion + ID id-mr-caseIgnoreSubstringsMatch + } + +SubstringAssertion ::= SEQUENCE OF + CHOICE {initial [0] DirectoryString, + any [1] DirectoryString, + final [2] DirectoryString, + control Attribute + } + +-- Used to specify interpretation of the following items + +-- at most one initial and one final component + caseExactMatch MATCHING-RULE ::= { + SYNTAX DirectoryString {ub-match} + ID id-mr-caseExactMatch + } + + caseExactOrderingMatch MATCHING-RULE ::= { + SYNTAX DirectoryString {ub-match} + ID id-mr-caseExactOrderingMatch + } + + caseExactSubstringsMatch MATCHING-RULE ::= { + SYNTAX SubstringAssertion + only the PrintableString choice + ID id-mr-caseExactSubstringsMatch + } + + numericStringMatch MATCHING-RULE ::= { + SYNTAX NumericString + ID id-mr-numericStringMatch + } + + numericStringOrderingMatch MATCHING-RULE ::= { + SYNTAX NumericString + ID id-mr-numericStringOrderingMatch + } + + numericStringSubstringsMatch MATCHING-RULE ::= { + SYNTAX SubstringAssertion + ID id-mr-numericStringSubstringsMatch + } + + caseIgnoreListMatch MATCHING-RULE ::= { + SYNTAX CaseIgnoreListMatch + ID id-mr-caseIgnoreListMatch + } + +CaseIgnoreListMatch ::= SEQUENCE OF DirectoryString + + caseIgnoreListSubstringsMatch MATCHING-RULE ::= { + SYNTAX SubstringAssertion + ID id-mr-caseIgnoreListSubstringsMatch + } + + storedPrefixMatch MATCHING-RULE ::= { + SYNTAX DirectoryString {ub-match} + ID id-mr-storedPrefixMatch + } + + booleanMatch MATCHING-RULE ::= {SYNTAX BOOLEAN + ID id-mr-booleanMatch + } + + integerMatch MATCHING-RULE ::= {SYNTAX INTEGER + ID id-mr-integerMatch + } + + integerOrderingMatch MATCHING-RULE ::= { + SYNTAX INTEGER + ID id-mr-integerOrderingMatch + } + + bitStringMatch MATCHING-RULE ::= { + SYNTAX BIT STRING + ID id-mr-bitStringMatch + } + + octetStringMatch MATCHING-RULE ::= { + SYNTAX OCTET STRING + ID id-mr-octetStringMatch + } + + octetStringOrderingMatch MATCHING-RULE ::= { + SYNTAX OCTET STRING + ID id-mr-octetStringOrderingMatch + } + + octetStringSubstringsMatch MATCHING-RULE ::= { + SYNTAX OctetSubstringAssertion + ID id-mr-octetStringSubstringsMatch + } + +OctetSubstringAssertion ::= SEQUENCE OF + CHOICE {initial [0] OCTET STRING, + any [1] OCTET STRING, + final [2] OCTET STRING} + +-- at most one initial and one final component + telephoneNumberMatch MATCHING-RULE ::= { + SYNTAX TelephoneNumber + ID id-mr-telephoneNumberMatch + } + + telephoneNumberSubstringsMatch MATCHING-RULE ::= { + SYNTAX SubstringAssertion + ID id-mr-telephoneNumberSubstringsMatch + } + + presentationAddressMatch MATCHING-RULE ::= { + SYNTAX PresentationAddress + ID id-mr-presentationAddressMatch + } + + uniqueMemberMatch MATCHING-RULE ::= { + SYNTAX NameAndOptionalUID + ID id-mr-uniqueMemberMatch + } + + protocolInformationMatch MATCHING-RULE ::= { + SYNTAX OCTET STRING + ID id-mr-protocolInformationMatch + } + + uTCTimeMatch MATCHING-RULE ::= {SYNTAX UTCTime + ID id-mr-uTCTimeMatch + } + + uTCTimeOrderingMatch MATCHING-RULE ::= { + SYNTAX UTCTime + ID id-mr-uTCTimeOrderingMatch + } + + generalizedTimeMatch MATCHING-RULE ::= { + SYNTAX GeneralizedTime +-- as per 41.3 b) or c) of ITU-T Rec. X.680 | ISO/IEC 8824-1 + ID id-mr-generalizedTimeMatch + } + + generalizedTimeOrderingMatch MATCHING-RULE ::= { + SYNTAX GeneralizedTime + as per 41.3 b) or c) of ITU-T Rec. X.680 | ISO/IEC 8824-1 + ID id-mr-generalizedTimeOrderingMatch + } + + integerFirstComponentMatch MATCHING-RULE ::= { + SYNTAX INTEGER + ID id-mr-integerFirstComponentMatch + } + + objectIdentifierFirstComponentMatch MATCHING-RULE ::= { + SYNTAX OBJECT IDENTIFIER + ID id-mr-objectIdentifierFirstComponentMatch + } + + directoryStringFirstComponentMatch MATCHING-RULE ::= { + SYNTAX DirectoryString {ub-directory-string-first-component-match} + ID id-mr-directoryStringFirstComponentMatch + } + + wordMatch MATCHING-RULE ::= { + SYNTAX DirectoryString {ub-match} + ID id-mr-wordMatch + } + + keywordMatch MATCHING-RULE ::= { + SYNTAX DirectoryString {ub-match} + ID id-mr-keywordMatch + } + + systemProposedMatch MATCHING-RULE ::= {ID id-mr-systemProposedMatch + } + + generalWordMatch MATCHING-RULE ::= { + SYNTAX SubstringAssertion + ID id-mr-generalWordMatch + } + + sequenceMatchType ATTRIBUTE ::= { + WITH SYNTAX + ENUMERATED {sequenceExact(0), sequenceDeletion(1), + sequenceRestrictedDeletion(2), sequencePermutation(3), + sequencePermutationAndDeletion(4), sequenceProviderDefined(5)} + SINGLE VALUE TRUE + ID id-cat-sequenceMatchType + } +-- defaulting to sequenceExact, + + wordMatchTypes ATTRIBUTE ::= { + WITH SYNTAX + ENUMERATED {wordExact(0), wordTruncated(1), wordPhonetic(2), + wordProviderDefined(3)} + SINGLE VALUE TRUE + ID id-cat-wordMatchType + } +-- defaulting to wordExact + + characterMatchTypes ATTRIBUTE ::= { + WITH SYNTAX + ENUMERATED {characterExact(0), characterCaseIgnore(1), characterMapped(2)} + SINGLE VALUE TRUE + ID id-cat-characterMatchTypes + } + + selectedContexts ATTRIBUTE ::= { + WITH SYNTAX ContextAssertion + ID id-cat-selectedContexts + } + + approximateStringMatch MATCHING-RULE ::= {ID id-mr-approximateStringMatch + } + + ignoreIfAbsentMatch MATCHING-RULE ::= {ID id-mr-ignoreIfAbsentMatch + } + + nullMatch MATCHING-RULE ::= {ID id-mr-nullMatch + } + + ZONAL-MATCHING ::= + MAPPING-BASED-MATCHING{ZonalSelect, TRUE, ZonalResult, zonalMatch.&id} + +ZonalSelect ::= SEQUENCE OF AttributeType + +ZonalResult ::= ENUMERATED { + cannot-select-mapping(0), zero-mappings(2), multiple-mappings(3)} + + zonalMatch MATCHING-RULE ::= { + UNIQUE-MATCH-INDICATOR multipleMatchingLocalities.&id + ID id-mr-zonalMatch + } + +-- Contexts + languageContext CONTEXT ::= { + WITH SYNTAX LanguageContextSyntax + ID id-avc-language + } + +LanguageContextSyntax ::= PrintableString +-- ISO 639-2 codes only + + + temporalContext CONTEXT ::= { + WITH SYNTAX TimeSpecification + ASSERTED AS TimeAssertion + ID id-avc-temporal + } + +TimeSpecification ::= SEQUENCE { + time CHOICE {absolute SEQUENCE { + startTime [0] GeneralizedTime OPTIONAL, + endTime [1] GeneralizedTime OPTIONAL}, + periodic SET OF Period}, + notThisTime BOOLEAN OPTIONAL, + timeZone TimeZone OPTIONAL +} + +Period ::= SEQUENCE { + timesOfDay [0] SET OF DayTimeBand OPTIONAL, + days [1] CHOICE {intDay SET OF INTEGER, + bitDay BIT STRING {sunday(0), monday(1), tuesday(2), wednesday(3), thursday(4), friday(5), saturday(6)}, + dayOf XDayOf} OPTIONAL, + weeks [2] CHOICE {allWeeks NULL, + intWeek SET OF INTEGER, + bitWeek BIT STRING {week1(0), week2(1), week3(2), week4(3), week5(4)} + } OPTIONAL, + months [3] CHOICE {allMonths NULL, + intMonth SET OF INTEGER, + bitMonth BIT STRING {january(0), february(1), march(2), april(3), may(4), june(5), july(6), august(7), september(8), october(9), november(10), december(11)}} OPTIONAL, + years [4] SET OF INTEGER OPTIONAL +} + +XDayOf ::= CHOICE { + first [1] NamedDay, + second [2] NamedDay, + third [3] NamedDay, + fourth [4] NamedDay, + fifth [5] NamedDay +} + +NamedDay ::= CHOICE { + intNamedDays ENUMERATED {sunday(1), monday(2), tuesday(3), wednesday(4), thursday(5), friday(6), saturday(7)}, + bitNamedDays BIT STRING {sunday(0), monday(1), tuesday(2), wednesday(3), thursday(4), friday(5), saturday(6)} +} + +DayTimeBand ::= SEQUENCE { + startDayTime [0] DayTime OPTIONAL, + endDayTime [1] DayTime OPTIONAL +} + +DayTime ::= SEQUENCE { + hour [0] INTEGER, + minute [1] INTEGER OPTIONAL, + second [2] INTEGER OPTIONAL +} + +TimeZone ::= INTEGER + +TimeAssertion ::= CHOICE { + now NULL, + at GeneralizedTime, + between SEQUENCE {startTime [0] GeneralizedTime, + endTime [1] GeneralizedTime OPTIONAL, + entirely BOOLEAN OPTIONAL} +} + + localeContext CONTEXT ::= { + WITH SYNTAX LocaleContextSyntax + ID id-avc-locale + } + +LocaleContextSyntax ::= CHOICE { + localeID1 OBJECT IDENTIFIER, + localeID2 DirectoryString +} + +-- Object identifier assignments - +-- object identifiers assigned in other modules are shown in comments +-- Attributes +-- (id-at copied in from UsefulDefinitions) +id-at OBJECT IDENTIFIER ::= {joint-iso-itu-t ds(5) 4} + id-at-objectClass OBJECT IDENTIFIER ::= {id-at 0} + id-at-aliasedEntryName OBJECT IDENTIFIER ::= {id-at 1} + id-at-encryptedAliasedEntryName OBJECT IDENTIFIER ::= + {id-at 1 2} + +id-at-knowledgeInformation OBJECT IDENTIFIER ::= {id-at 2} + +id-at-commonName OBJECT IDENTIFIER ::= {id-at 3} + + id-at-encryptedCommonName OBJECT IDENTIFIER ::= {id-at 3 2} + +id-at-surname OBJECT IDENTIFIER ::= {id-at 4} + + id-at-encryptedSurname OBJECT IDENTIFIER ::= {id-at 4 2} + + id-at-serialNumber OBJECT IDENTIFIER ::= {id-at 5} + + id-at-encryptedSerialNumber OBJECT IDENTIFIER ::= {id-at 5 2} + +id-at-countryName OBJECT IDENTIFIER ::= {id-at 6} + + id-at-encryptedCountryName OBJECT IDENTIFIER ::= {id-at 6 2} + +id-at-localityName OBJECT IDENTIFIER ::= {id-at 7} + + id-at-encryptedLocalityName OBJECT IDENTIFIER ::= {id-at 7 2} + +id-at-collectiveLocalityName OBJECT IDENTIFIER ::= {id-at 7 1} + + id-at-encryptedCollectiveLocalityName OBJECT IDENTIFIER ::= {id-at 7 1 2} + +id-at-stateOrProvinceName OBJECT IDENTIFIER ::= {id-at 8} + + id-at-encryptedStateOrProvinceName OBJECT IDENTIFIER ::= {id-at 8 2} + +id-at-collectiveStateOrProvinceName OBJECT IDENTIFIER ::= {id-at 8 1} + + id-at-encryptedCollectiveStateOrProvinceName OBJECT IDENTIFIER ::= + {id-at 8 1 2} + +id-at-streetAddress OBJECT IDENTIFIER ::= {id-at 9} + + id-at-encryptedStreetAddress OBJECT IDENTIFIER ::= {id-at 9 2} + +id-at-collectiveStreetAddress OBJECT IDENTIFIER ::= {id-at 9 1} + + id-at-encryptedCollectiveStreetAddress OBJECT IDENTIFIER ::= {id-at 9 1 2} + +id-at-organizationName OBJECT IDENTIFIER ::= {id-at 10} + + id-at-encryptedOrganizationName OBJECT IDENTIFIER ::= {id-at 10 2} + +id-at-collectiveOrganizationName OBJECT IDENTIFIER ::= {id-at 10 1} + + id-at-encryptedCollectiveOrganizationName OBJECT IDENTIFIER ::= {id-at 10 1 2} + +id-at-organizationalUnitName OBJECT IDENTIFIER ::= {id-at 11} + + id-at-encryptedOrganizationalUnitName OBJECT IDENTIFIER ::= {id-at 11 2} + +id-at-collectiveOrganizationalUnitName OBJECT IDENTIFIER ::= {id-at 11 1} + + id-at-encryptedCollectiveOrganizationalUnitName OBJECT IDENTIFIER ::= + {id-at 11 1 2} + +id-at-title OBJECT IDENTIFIER ::= {id-at 12} + + id-at-encryptedTitle OBJECT IDENTIFIER ::= {id-at 12 2} + +id-at-description OBJECT IDENTIFIER ::= {id-at 13} + + id-at-encryptedDescription OBJECT IDENTIFIER ::= {id-at 13 2} + + id-at-searchGuide OBJECT IDENTIFIER ::= {id-at 14} + + id-at-encryptedSearchGuide OBJECT IDENTIFIER ::= {id-at 14 2} + +id-at-businessCategory OBJECT IDENTIFIER ::= {id-at 15} + + id-at-encryptedBusinessCategory OBJECT IDENTIFIER ::= {id-at 15 2} + + id-at-postalAddress OBJECT IDENTIFIER ::= {id-at 16} + + id-at-encryptedPostalAddress OBJECT IDENTIFIER ::= {id-at 16 2} + + id-at-collectivePostalAddress OBJECT IDENTIFIER ::= {id-at 16 1} + + id-at-encryptedCollectivePostalAddress OBJECT IDENTIFIER ::= {id-at 16 1 2} + +id-at-postalCode OBJECT IDENTIFIER ::= {id-at 17} + + id-at-encryptedPostalCode OBJECT IDENTIFIER ::= {id-at 17 2} + +id-at-collectivePostalCode OBJECT IDENTIFIER ::= {id-at 17 1} + + id-at-encryptedCollectivePostalCode OBJECT IDENTIFIER ::= {id-at 17 1 2} + +id-at-postOfficeBox OBJECT IDENTIFIER ::= {id-at 18} + + id-at-encryptedPostOfficeBox OBJECT IDENTIFIER ::= {id-at 18 2} + +id-at-collectivePostOfficeBox OBJECT IDENTIFIER ::= {id-at 18 1} + + id-at-encryptedCollectivePostOfficeBox OBJECT IDENTIFIER ::= {id-at 18 1 2} + +id-at-physicalDeliveryOfficeName OBJECT IDENTIFIER ::= {id-at 19} + + id-at-encryptedPhysicalDeliveryOfficeName OBJECT IDENTIFIER ::= {id-at 19 2} + +id-at-collectivePhysicalDeliveryOfficeName OBJECT IDENTIFIER ::= {id-at 19 1} + + id-at-encryptedCollectivePhysicalDeliveryOfficeName OBJECT IDENTIFIER ::= + {id-at 19 1 2} + +id-at-telephoneNumber OBJECT IDENTIFIER ::= {id-at 20} + + id-at-encryptedTelephoneNumber OBJECT IDENTIFIER ::= {id-at 20 2} + +id-at-collectiveTelephoneNumber OBJECT IDENTIFIER ::= {id-at 20 1} + + id-at-encryptedCollectiveTelephoneNumber OBJECT IDENTIFIER ::= {id-at 20 1 2} + +id-at-telexNumber OBJECT IDENTIFIER ::= {id-at 21} + + id-at-encryptedTelexNumber OBJECT IDENTIFIER ::= {id-at 21 2} + +id-at-collectiveTelexNumber OBJECT IDENTIFIER ::= {id-at 21 1} + + id-at-encryptedCollectiveTelexNumber OBJECT IDENTIFIER ::= {id-at 21 1 2} + + id-at-teletexTerminalIdentifier OBJECT IDENTIFIER ::= {id-at 22} + id-at-encryptedTeletexTerminalIdentifier OBJECT IDENTIFIER ::= {id-at 22 2} + id-at-collectiveTeletexTerminalIdentifier OBJECT IDENTIFIER ::= {id-at 22 1} + id-at-encryptedCollectiveTeletexTerminalIdentifier + OBJECT IDENTIFIER ::= {id-at 22 1 2} + id-at-facsimileTelephoneNumber OBJECT IDENTIFIER ::= + {id-at 23} + + id-at-encryptedFacsimileTelephoneNumber OBJECT IDENTIFIER ::= {id-at 23 2} + + id-at-collectiveFacsimileTelephoneNumber OBJECT IDENTIFIER ::= {id-at 23 1} + + id-at-encryptedCollectiveFacsimileTelephoneNumber OBJECT IDENTIFIER ::= + {id-at 23 1 2} + + id-at-x121Address OBJECT IDENTIFIER ::= {id-at 24} + + id-at-encryptedX121Address OBJECT IDENTIFIER ::= {id-at 24 2} + + id-at-internationalISDNNumber OBJECT IDENTIFIER ::= {id-at 25} + + id-at-encryptedInternationalISDNNumber OBJECT IDENTIFIER ::= {id-at 25 2} + + id-at-collectiveInternationalISDNNumber OBJECT IDENTIFIER ::= {id-at 25 1} + + id-at-encryptedCollectiveInternationalISDNNumber OBJECT IDENTIFIER ::= + {id-at 25 1 2} + + id-at-registeredAddress OBJECT IDENTIFIER ::= {id-at 26} + + id-at-encryptedRegisteredAddress OBJECT IDENTIFIER ::= {id-at 26 2} + + id-at-destinationIndicator OBJECT IDENTIFIER ::= {id-at 27} + + id-at-encryptedDestinationIndicator OBJECT IDENTIFIER ::= {id-at 27 2} + + id-at-preferredDeliveryMethod OBJECT IDENTIFIER ::= {id-at 28} + + id-at-encryptedPreferredDeliveryMethod OBJECT IDENTIFIER ::= {id-at 28 2} + + id-at-presentationAddress OBJECT IDENTIFIER ::= {id-at 29} + + id-at-encryptedPresentationAddress OBJECT IDENTIFIER ::= {id-at 29 2} + + id-at-supportedApplicationContext OBJECT IDENTIFIER ::= {id-at 30} + + id-at-encryptedSupportedApplicationContext OBJECT IDENTIFIER ::= {id-at 30 2} + + id-at-member OBJECT IDENTIFIER ::= {id-at 31} + + id-at-encryptedMember OBJECT IDENTIFIER ::= {id-at 31 2} + + id-at-owner OBJECT IDENTIFIER ::= {id-at 32} + + id-at-encryptedOwner OBJECT IDENTIFIER ::= {id-at 32 2} + + id-at-roleOccupant OBJECT IDENTIFIER ::= {id-at 33} + + id-at-encryptedRoleOccupant OBJECT IDENTIFIER ::= {id-at 33 2} + + id-at-seeAlso OBJECT IDENTIFIER ::= {id-at 34} + + id-at-encryptedSeeAlso OBJECT IDENTIFIER ::= {id-at 34 2} + + id-at-userPassword OBJECT IDENTIFIER ::= {id-at 35} + id-at-encryptedUserPassword OBJECT IDENTIFIER ::= + {id-at 35 2} + + id-at-userCertificate OBJECT IDENTIFIER ::= {id-at 36} + id-at-encryptedUserCertificate OBJECT IDENTIFIER ::= + {id-at 36 2} + + id-at-cACertificate OBJECT IDENTIFIER ::= {id-at 37} + id-at-encryptedCACertificate OBJECT IDENTIFIER ::= + {id-at 37 2} + + id-at-authorityRevocationList OBJECT IDENTIFIER ::= {id-at 38} + id-at-encryptedAuthorityRevocationList OBJECT IDENTIFIER ::= + {id-at 38 2} + + id-at-certificateRevocationList OBJECT IDENTIFIER ::= {id-at 39} + id-at-encryptedCertificateRevocationList OBJECT IDENTIFIER ::= + {id-at 39 2} + + id-at-crossCertificatePair OBJECT IDENTIFIER ::= {id-at 40} + id-at-encryptedCrossCertificatePair OBJECT IDENTIFIER ::= + {id-at 40 2} + +id-at-name OBJECT IDENTIFIER ::= {id-at 41} + +id-at-givenName OBJECT IDENTIFIER ::= {id-at 42} + + id-at-encryptedGivenName OBJECT IDENTIFIER ::= {id-at 42 2} + +id-at-initials OBJECT IDENTIFIER ::= {id-at 43} + + id-at-encryptedInitials OBJECT IDENTIFIER ::= {id-at 43 2} + +id-at-generationQualifier OBJECT IDENTIFIER ::= {id-at 44} + + id-at-encryptedGenerationQualifier OBJECT IDENTIFIER ::= {id-at 44 2} + + id-at-uniqueIdentifier OBJECT IDENTIFIER ::= {id-at 45} + + id-at-encryptedUniqueIdentifier OBJECT IDENTIFIER ::= {id-at 45 2} + + id-at-dnQualifier OBJECT IDENTIFIER ::= {id-at 46} + + id-at-encryptedDnQualifier OBJECT IDENTIFIER ::= {id-at 46 2} + + id-at-enhancedSearchGuide OBJECT IDENTIFIER ::= {id-at 47} + + id-at-encryptedEnhancedSearchGuide OBJECT IDENTIFIER ::= {id-at 47 2} + + id-at-protocolInformation OBJECT IDENTIFIER ::= {id-at 48} + + id-at-encryptedProtocolInformation OBJECT IDENTIFIER ::= {id-at 48 2} + + id-at-distinguishedName OBJECT IDENTIFIER ::= {id-at 49} + + id-at-encryptedDistinguishedName OBJECT IDENTIFIER ::= {id-at 49 2} + + id-at-uniqueMember OBJECT IDENTIFIER ::= {id-at 50} + + id-at-encryptedUniqueMember OBJECT IDENTIFIER ::= {id-at 50 2} + +id-at-houseIdentifier OBJECT IDENTIFIER ::= {id-at 51} + + id-at-encryptedHouseIdentifier OBJECT IDENTIFIER ::= {id-at 51 2} + + id-at-supportedAlgorithms OBJECT IDENTIFIER ::= {id-at 52} + id-at-encryptedSupportedAlgorithms OBJECT IDENTIFIER ::= + {id-at 52 2} + + id-at-deltaRevocationList OBJECT IDENTIFIER ::= {id-at 53} + id-at-encryptedDeltaRevocationList OBJECT IDENTIFIER ::= + {id-at 53 2} + +id-at-dmdName OBJECT IDENTIFIER ::= {id-at 54} + + id-at-encryptedDmdName OBJECT IDENTIFIER ::= {id-at 54 2} + + id-at-clearance OBJECT IDENTIFIER ::= {id-at 55} + id-at-encryptedClearance OBJECT IDENTIFIER ::= + {id-at 55 2} + + id-at-defaultDirQop OBJECT IDENTIFIER ::= {id-at 56} + id-at-encryptedDefaultDirQop OBJECT IDENTIFIER ::= + {id-at 56 2} + + id-at-attributeIntegrityInfo OBJECT IDENTIFIER ::= {id-at 57} + id-at-encryptedAttributeIntegrityInfo OBJECT IDENTIFIER ::= + {id-at 57 2} + + id-at-attributeCertificate OBJECT IDENTIFIER ::= {id-at 58} + id-at-encryptedAttributeCertificate OBJECT IDENTIFIER ::= + {id-at 58 2} + + id-at-attributeCertificateRevocationList OBJECT IDENTIFIER ::= {id-at 59} + id-at-encryptedAttributeCertificateRevocationList OBJECT IDENTIFIER ::= + {id-at 59 2} + + id-at-confKeyInfo OBJECT IDENTIFIER ::= {id-at 60} + id-at-encryptedConfKeyInfo OBJECT IDENTIFIER ::= + {id-at 60 2} + + --id-at-family-information OBJECT IDENTIFIER {id-at 64} +id-at-pseudonym OBJECT IDENTIFIER ::= {id-at 65} + + id-at-communicationsService OBJECT IDENTIFIER ::= {id-at 66} + + id-at-communicationsNetwork OBJECT IDENTIFIER ::= {id-at 67} + +-- Matching rules + id-mr-objectIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 0} + id-mr-distinguishedNameMatch OBJECT IDENTIFIER ::= {id-mr 1} + id-mr-caseIgnoreMatch OBJECT IDENTIFIER ::= + {id-mr 2} + + id-mr-caseIgnoreOrderingMatch OBJECT IDENTIFIER ::= {id-mr 3} + + id-mr-caseIgnoreSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 4} + + id-mr-caseExactMatch OBJECT IDENTIFIER ::= {id-mr 5} + + id-mr-caseExactOrderingMatch OBJECT IDENTIFIER ::= {id-mr 6} + + id-mr-caseExactSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 7} + + id-mr-numericStringMatch OBJECT IDENTIFIER ::= {id-mr 8} + + id-mr-numericStringOrderingMatch OBJECT IDENTIFIER ::= {id-mr 9} + + id-mr-numericStringSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 10} + + id-mr-caseIgnoreListMatch OBJECT IDENTIFIER ::= {id-mr 11} + + id-mr-caseIgnoreListSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 12} + + id-mr-booleanMatch OBJECT IDENTIFIER ::= {id-mr 13} + + id-mr-integerMatch OBJECT IDENTIFIER ::= {id-mr 14} + + id-mr-integerOrderingMatch OBJECT IDENTIFIER ::= {id-mr 15} + + id-mr-bitStringMatch OBJECT IDENTIFIER ::= {id-mr 16} + + id-mr-octetStringMatch OBJECT IDENTIFIER ::= {id-mr 17} + + id-mr-octetStringOrderingMatch OBJECT IDENTIFIER ::= {id-mr 18} + + id-mr-octetStringSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 19} + + id-mr-telephoneNumberMatch OBJECT IDENTIFIER ::= {id-mr 20} + + id-mr-telephoneNumberSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 21} + + id-mr-presentationAddressMatch OBJECT IDENTIFIER ::= {id-mr 22} + + id-mr-uniqueMemberMatch OBJECT IDENTIFIER ::= {id-mr 23} + + id-mr-protocolInformationMatch OBJECT IDENTIFIER ::= {id-mr 24} + + id-mr-uTCTimeMatch OBJECT IDENTIFIER ::= {id-mr 25} + + id-mr-uTCTimeOrderingMatch OBJECT IDENTIFIER ::= {id-mr 26} + + id-mr-generalizedTimeMatch OBJECT IDENTIFIER ::= {id-mr 27} + + id-mr-generalizedTimeOrderingMatch OBJECT IDENTIFIER ::= {id-mr 28} + + id-mr-integerFirstComponentMatch OBJECT IDENTIFIER ::= {id-mr 29} + + id-mr-objectIdentifierFirstComponentMatch OBJECT IDENTIFIER ::= {id-mr 30} + + id-mr-directoryStringFirstComponentMatch OBJECT IDENTIFIER ::= {id-mr 31} + + id-mr-wordMatch OBJECT IDENTIFIER ::= {id-mr 32} + + id-mr-keywordMatch OBJECT IDENTIFIER ::= {id-mr 33} + + id-mr-certificateExactMatch OBJECT IDENTIFIER ::= {id-mr 34} + id-mr-certificateMatch OBJECT IDENTIFIER ::= {id-mr 35} + id-mr-certificatePairExactMatch OBJECT IDENTIFIER ::= {id-mr 36} + id-mr-certificatePairMatch OBJECT IDENTIFIER ::= {id-mr 37} + id-mr-certificateListExactMatch OBJECT IDENTIFIER ::= {id-mr 38} + id-mr-certificateListMatch OBJECT IDENTIFIER ::= {id-mr 39} + id-mr-algorithmIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 40} + id-mr-storedPrefixMatch OBJECT IDENTIFIER ::= + {id-mr 41} + + id-mr-attributeCertificateMatch OBJECT IDENTIFIER ::= {id-mr 42} + id-mr-readerAndKeyIDMatch OBJECT IDENTIFIER ::= {id-mr 43} + id-mr-attributeIntegrityMatch OBJECT IDENTIFIER ::= {id-mr 44} + id-mr-systemProposedMatch OBJECT IDENTIFIER ::= + {id-mr 47} + + id-mr-generalWordMatch OBJECT IDENTIFIER ::= {id-mr 48} + + id-mr-approximateStringMatch OBJECT IDENTIFIER ::= {id-mr 49} + + id-mr-ignoreIfAbsentMatch OBJECT IDENTIFIER ::= {id-mr 50} + + id-mr-nullMatch OBJECT IDENTIFIER ::= {id-mr 51} + + id-mr-zonalMatch OBJECT IDENTIFIER ::= {id-mr 52} + + id-mr-facsimileNumberMatch OBJECT IDENTIFIER ::= {id-mr 63} + + id-mr-facsimileNumberSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 64} + +-- contexts + id-avc-language OBJECT IDENTIFIER ::= {id-avc 0} + + id-avc-temporal OBJECT IDENTIFIER ::= {id-avc 1} + + id-avc-locale OBJECT IDENTIFIER ::= {id-avc 2} + + id-avc-attributeValueSecurityLabelContext OBJECT IDENTIFIER ::= {id-avc 3} + id-avc-attributeValueIntegrityInfoContext OBJECT IDENTIFIER ::= {id-avc 4} +-- Problem definitions + id-pr-targetDsaUnavailable OBJECT IDENTIFIER ::= + {id-pr 1} + + id-pr-dataSourceUnavailable OBJECT IDENTIFIER ::= {id-pr 2} + + id-pr-unidentifiedOperation OBJECT IDENTIFIER ::= {id-pr 3} + + id-pr-unavailableOperation OBJECT IDENTIFIER ::= {id-pr 4} + + id-pr-searchAttributeViolation OBJECT IDENTIFIER ::= {id-pr 5} + + id-pr-searchAttributeCombinationViolation OBJECT IDENTIFIER ::= {id-pr 6} + + id-pr-searchValueNotAllowed OBJECT IDENTIFIER ::= {id-pr 7} + + id-pr-missingSearchAttribute OBJECT IDENTIFIER ::= {id-pr 8} + + id-pr-searchValueViolation OBJECT IDENTIFIER ::= {id-pr 9} + + id-pr-attributeNegationViolation OBJECT IDENTIFIER ::= {id-pr 10} + + id-pr-searchValueRequired OBJECT IDENTIFIER ::= {id-pr 11} + + id-pr-invalidSearchValue OBJECT IDENTIFIER ::= {id-pr 12} + + id-pr-searchContextViolation OBJECT IDENTIFIER ::= {id-pr 13} + + id-pr-searchContextCombinationViolation OBJECT IDENTIFIER ::= {id-pr 14} + + id-pr-missingSearchContext OBJECT IDENTIFIER ::= {id-pr 15} + + id-pr-searchContextValueViolation OBJECT IDENTIFIER ::= {id-pr 16} + + id-pr-searchContextValueRequired OBJECT IDENTIFIER ::= {id-pr 17} + + id-pr-invalidContextSearchValue OBJECT IDENTIFIER ::= {id-pr 18} + + id-pr-unsupportedMatchingRule OBJECT IDENTIFIER ::= {id-pr 19} + + id-pr-attributeMatchingViolation OBJECT IDENTIFIER ::= {id-pr 20} + + id-pr-unsupportedMatchingUse OBJECT IDENTIFIER ::= {id-pr 21} + + id-pr-matchingUseViolation OBJECT IDENTIFIER ::= {id-pr 22} + + id-pr-hierarchySelectForbidden OBJECT IDENTIFIER ::= {id-pr 23} + + id-pr-invalidHierarchySelect OBJECT IDENTIFIER ::= {id-pr 24} + + id-pr-unavailableHierarchySelect OBJECT IDENTIFIER ::= {id-pr 25} + + id-pr-invalidSearchOptions OBJECT IDENTIFIER ::= {id-pr 26} + + id-pr-missingSearchOptions OBJECT IDENTIFIER ::= {id-pr 27} + + id-pr-invalidServiceControlOptions OBJECT IDENTIFIER ::= {id-pr 28} + + id-pr-missingServiceControlOptions OBJECT IDENTIFIER ::= {id-pr 29} + + id-pr-searchSubsetViolation OBJECT IDENTIFIER ::= {id-pr 30} + + id-pr-unmatchedKeyAttributes OBJECT IDENTIFIER ::= {id-pr 31} + + id-pr-ambiguousKeyAttributes OBJECT IDENTIFIER ::= {id-pr 32} + +-- Notification attributes + id-not-dSAProblem OBJECT IDENTIFIER ::= {id-not 0} + + id-not-searchServiceProblem OBJECT IDENTIFIER ::= {id-not 1} + + id-not-serviceType OBJECT IDENTIFIER ::= {id-not 2} + + id-not-attributeTypeList OBJECT IDENTIFIER ::= {id-not 3} + + id-not-matchingRuleList OBJECT IDENTIFIER ::= {id-not 4} + + id-not-filterItem OBJECT IDENTIFIER ::= {id-not 5} + + id-not-attributeCombinations OBJECT IDENTIFIER ::= {id-not 6} + + id-not-contextTypeList OBJECT IDENTIFIER ::= {id-not 7} + + id-not-contextList OBJECT IDENTIFIER ::= {id-not 8} + + id-not-contextCombinations OBJECT IDENTIFIER ::= {id-not 9} + + id-not-hierarchySelectList OBJECT IDENTIFIER ::= {id-not 10} + + id-not-searchOptionsList OBJECT IDENTIFIER ::= {id-not 11} + + id-not-serviceControlOptionsList OBJECT IDENTIFIER ::= {id-not 12} + + id-not-multipleMatchingLocalities OBJECT IDENTIFIER ::= {id-not 13} + + id-not-proposedRelaxation OBJECT IDENTIFIER ::= {id-not 14} + + id-not-appliedRelaxation OBJECT IDENTIFIER ::= {id-not 15} + + id-not-substringRequirements OBJECT IDENTIFIER ::= {id-not 16} + +-- Control attributes + id-cat-sequenceMatchType OBJECT IDENTIFIER ::= + {id-cat 1} + + id-cat-wordMatchType OBJECT IDENTIFIER ::= {id-cat 2} + + id-cat-characterMatchTypes OBJECT IDENTIFIER ::= {id-cat 3} + + id-cat-selectedContexts OBJECT IDENTIFIER ::= {id-cat 4} + + +-- We add these in to give the low-level ASN.1 syntaxes +-- PrintableString and ObjectIdentifier are the most useful +-- Note the "Syntax" will be removed during the "make" - it is +-- present to stop asn2wrs complaining about reserved words +-- Needed to be able to "call" them from OID callbacks.(see .cnf) + +ObjectIdentifier ::= OBJECT IDENTIFIER +OctetString ::= OCTET STRING +BitString ::= BIT STRING +Integer ::= INTEGER +Boolean ::= BOOLEAN + +-- these are reserved words, so we need to prefix them +-- Currently not used ones commented out. +SyntaxGeneralizedTime ::= GeneralizedTime +SyntaxUTCTime ::= UTCTime +SyntaxNumericString ::= NumericString +SyntaxPrintableString ::= PrintableString +SyntaxIA5String ::= IA5String +SyntaxBMPString ::= BMPString +SyntaxUniversalString ::= UniversalString +SyntaxUTF8String ::= UTF8String +SyntaxTeletexString ::= TeletexString +SyntaxT61String ::= T61String +SyntaxVideotexString ::= VideotexString +SyntaxGraphicString ::= GraphicString +SyntaxISO646String ::= ISO646String +SyntaxVisibleString ::= VisibleString +SyntaxGeneralString ::= GeneralString + +GUID ::= OCTET STRING + +END -- SelectedAttributeTypes + +-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D + diff --git a/epan/dissectors/asn1/x509sat/packet-x509sat-template.c b/epan/dissectors/asn1/x509sat/packet-x509sat-template.c new file mode 100644 index 00000000..c32c5b08 --- /dev/null +++ b/epan/dissectors/asn1/x509sat/packet-x509sat-template.c @@ -0,0 +1,110 @@ +/* packet-x509sat.c + * Routines for X.509 Selected Attribute Types packet dissection + * Ronnie Sahlberg 2004 + * + * Wireshark - Network traffic analyzer + * By Gerald Combs + * Copyright 1998 Gerald Combs + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "config.h" + +#include +#include +#include +#include +#include + +#include "packet-ber.h" +#include "packet-p1.h" +#include "packet-x509sat.h" +#include "packet-x509if.h" + +#define PNAME "X.509 Selected Attribute Types" +#define PSNAME "X509SAT" +#define PFNAME "x509sat" + +void proto_register_x509sat(void); +void proto_reg_handoff_x509sat(void); + +/* Initialize the protocol and registered fields */ +static int proto_x509sat = -1; +#include "packet-x509sat-hf.c" + +/* Initialize the subtree pointers */ +#include "packet-x509sat-ett.c" + +#include "packet-x509sat-fn.c" + + +/*--- proto_register_x509sat ----------------------------------------------*/ +void proto_register_x509sat(void) { + + /* List of fields */ + static hf_register_info hf[] = { +#include "packet-x509sat-hfarr.c" + }; + + /* List of subtrees */ + static gint *ett[] = { +#include "packet-x509sat-ettarr.c" + }; + + /* Register protocol */ + proto_x509sat = proto_register_protocol(PNAME, PSNAME, PFNAME); + + /* Register fields and subtrees */ + proto_register_field_array(proto_x509sat, hf, array_length(hf)); + proto_register_subtree_array(ett, array_length(ett)); + +#include "packet-x509sat-syn-reg.c" + +} + + +/*--- proto_reg_handoff_x509sat -------------------------------------------*/ +void proto_reg_handoff_x509sat(void) { +#include "packet-x509sat-dis-tab.c" + + /* OBJECT CLASSES */ + + oid_add_from_string("top","2.5.6.0"); + oid_add_from_string("alias","2.5.6.1"); + oid_add_from_string("country","2.5.6.2"); + oid_add_from_string("locality","2.5.6.3"); + oid_add_from_string("organization","2.5.6.4"); + oid_add_from_string("organizationalUnit","2.5.6.5"); + oid_add_from_string("person","2.5.6.6"); + oid_add_from_string("organizationalPerson","2.5.6.7"); + oid_add_from_string("organizationalRole","2.5.6.8"); + oid_add_from_string("groupOfNames","2.5.6.9"); + oid_add_from_string("residentialPerson","2.5.6.10"); + oid_add_from_string("applicationProcess","2.5.6.11"); + oid_add_from_string("applicationEntity","2.5.6.12"); + oid_add_from_string("dSA","2.5.6.13"); + oid_add_from_string("device","2.5.6.14"); + oid_add_from_string("strongAuthenticationUser","2.5.6.15"); + oid_add_from_string("certificationAuthority","2.5.6.16"); + oid_add_from_string("certificationAuthorityV2","2.5.6.16.2"); + oid_add_from_string("groupOfUniqueNames","2.5.6.17"); + oid_add_from_string("userSecurityInformation","2.5.6.18"); + oid_add_from_string("cRLDistributionPoint","2.5.6.19"); + oid_add_from_string("dmd","2.5.6.20"); + oid_add_from_string("pkiUser","2.5.6.21"); + oid_add_from_string("pkiCA","2.5.6.22"); + + oid_add_from_string("parent","2.5.6.28"); + oid_add_from_string("child","2.5.6.29"); + + /* RFC 2247 */ + oid_add_from_string("dcObject","1.3.6.1.4.1.1446.344"); + oid_add_from_string("domain","0.9.2342.19200300.100.4.13"); + + /* RFC 2798 */ + oid_add_from_string("inetOrgPerson","2.16.840.1.113730.3.2.2"); +} + + + diff --git a/epan/dissectors/asn1/x509sat/packet-x509sat-template.h b/epan/dissectors/asn1/x509sat/packet-x509sat-template.h new file mode 100644 index 00000000..da368280 --- /dev/null +++ b/epan/dissectors/asn1/x509sat/packet-x509sat-template.h @@ -0,0 +1,18 @@ +/* packet-x509sat.h + * Routines for X.509 Selected Attribute Types packet dissection + * Ronnie Sahlberg 2004 + * + * Wireshark - Network traffic analyzer + * By Gerald Combs + * Copyright 1998 Gerald Combs + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#ifndef PACKET_X509SAT_H +#define PACKET_X509SAT_H + +#include "packet-x509sat-exp.h" + +#endif /* PACKET_X509SAT_H */ + diff --git a/epan/dissectors/asn1/x509sat/x509sat.cnf b/epan/dissectors/asn1/x509sat/x509sat.cnf new file mode 100644 index 00000000..e139e092 --- /dev/null +++ b/epan/dissectors/asn1/x509sat/x509sat.cnf @@ -0,0 +1,421 @@ +# x509sat.cnf +# X509SAT conformation file + +#.TYPE_ATTR +GUID TYPE = FT_GUID DISPLAY = BASE_NONE STRING = NULL BITMASK = 0 + +#.IMPORT ../x509if/x509if-exp.cnf +#.IMPORT ../p1/p1-exp.cnf + +#.CLASS CONTEXT +&Type +&Assertion +&id ObjectIdentifierType +#.END +#.CLASS ATTRIBUTE +&derivation ClassReference ATTRIBUTE +&Type +&equality-match ClassReference MATCHING-RULE +&ordering-match ClassReference MATCHING-RULE +&substrings-match ClassReference MATCHING-RULE +&single-valued BooleanType +&collective BooleanType +&no-user-modification BooleanType +&usage TypeReference AttributeUsage +&id ObjectIdentifierType +#.END +#.CLASS MATCHING-RULE +&ParentMatchingRules ClassReference MATCHING-RULE +&AssertionType +&uniqueMatchIndicator ClassReference ATTRIBUTE +&id ObjectIdentifierType +#.END +#.MODULE_EXPORTS +CaseIgnoreListMatch +CountryName +Criteria +#DayTime +DayTimeBand +DestinationIndicator +DirectoryString +EnhancedGuide +FacsimileTelephoneNumber +InternationalISDNNumber +LanguageContextSyntax +LocaleContextSyntax +MultipleMatchingLocalities +NameAndOptionalUID +NamedDay +OctetSubstringAssertion +Period +PostalAddress +PreferredDeliveryMethod +PresentationAddress +ProtocolInformation +SubstringAssertion +TimeAssertion +TimeSpecification +TimeZone +UniqueIdentifier +X121Address +XDayOf +ZonalResult +ZonalSelect + +#.SYNTAX +BitString +Boolean +CaseIgnoreListMatch +CountryName +DestinationIndicator +DirectoryString +EnhancedGuide +FacsimileTelephoneNumber +GUID +Guide +InternationalISDNNumber +Integer +NameAndOptionalUID +ObjectIdentifier +OctetString +PostalAddress +PreferredDeliveryMethod +PresentationAddress +SyntaxBMPString "BMPString" +SyntaxGeneralizedTime "GeneralizedTime" +SyntaxGeneralString "GeneralString" +SyntaxGraphicString "GraphicString" +SyntaxIA5String "IA5String" +SyntaxISO646String "ISO646String" +SyntaxNumericString "NumericString" +SyntaxPrintableString "PrintableString" +SyntaxT61String "T61String" +SyntaxTeletexString "TeletexString" +SyntaxUniversalString "UniversalString" +SyntaxUTF8String "UTF8String" +SyntaxUTCTime "UTCTime" +SyntaxVideotexString "VideotexString" +SyntaxVisibleString "VisibleString" +TelephoneNumber +TelexNumber +UniqueIdentifier +X121Address + +#.REGISTER +ObjectIdentifier B "2.5.4.0" "id-at-objectClass" +# - see x509if.cnf for "id-at-aliasedEntryName" +DirectoryString B "2.5.4.2" "id-at-knowledgeInformation" +DirectoryString B "2.5.4.3" "id-at-commonName" +DirectoryString B "2.5.4.4" "id-at-surname" +SyntaxPrintableString B "2.5.4.5" "id-at-serialNumber" +CountryName B "2.5.4.6" "id-at-countryName" +DirectoryString B "2.5.4.7" "id-at-localityName" +DirectoryString B "2.5.4.7.1" "id-at-collectiveLocalityName" +DirectoryString B "2.5.4.8" "id-at-stateOrProvinceName" +DirectoryString B "2.5.4.8.1" "id-at-collectiveStateOrProvinceName" +DirectoryString B "2.5.4.9" "id-at-streetAddress" +DirectoryString B "2.5.4.9.1" "id-at-collectiveStreetAddress" +DirectoryString B "2.5.4.10.1" "id-at-collectiveOrganizationName" +DirectoryString B "2.5.4.10" "id-at-organizationName" +DirectoryString B "2.5.4.11" "id-at-organizationalUnitName" +DirectoryString B "2.5.4.11.1" "id-at-collectiveOrganizationalUnitName" +DirectoryString B "2.5.4.12" "id-at-title" +DirectoryString B "2.5.4.13" "id-at-description" +Guide B "2.5.4.14" "id-at-searchGuide" +DirectoryString B "2.5.4.15" "id-at-businessCategory" +PostalAddress B "2.5.4.16" "id-at-postalAddress" +DirectoryString B "2.5.4.17" "id-at-postalCode" +DirectoryString B "2.5.4.17.1" "id-at-collectivePostalCode" +DirectoryString B "2.5.4.18" "id-at-postOfficeBox" +DirectoryString B "2.5.4.18.1" "id-at-collectivePostOfficeBox" +DirectoryString B "2.5.4.19" "id-at-physicalDeliveryOfficeName" +DirectoryString B "2.5.4.19.1" "id-at-collectivePhysicalDeliveryOfficeName" +TelephoneNumber B "2.5.4.20" "id-at-telephoneNumber" +TelephoneNumber B "2.5.4.20.1" "id-at-collectiveTelephoneNumber" +TelexNumber B "2.5.4.21" "id-at-telexNumber" +TelexNumber B "2.5.4.21.1" "id-at-collectiveTelexNumber" +# "id-at-teletexTerminalIdentifier" - what syntax? +FacsimileTelephoneNumber B "2.5.4.23" "id-at-facsimileTelephoneNumber" +FacsimileTelephoneNumber B "2.5.4.23.1" "id-at-collectiveFacsimileTelephoneNumber" +X121Address B "2.5.4.24" "id-at-x121Address" +InternationalISDNNumber B "2.5.4.25" "id-at-internationalISDNNumber" +InternationalISDNNumber B "2.5.4.25.1" "id-at-collectiveInternationalISDNNumber" +PostalAddress B "2.5.4.26" "id-at-registeredAddress" +DestinationIndicator B "2.5.4.27" "id-at-destinationIndicator" +PreferredDeliveryMethod B "2.5.4.28" "id-at-preferredDeliveryMethod" +PresentationAddress B "2.5.4.29" "id-at-presentationAddress" +ObjectIdentifier B "2.5.4.30" "id-at-supportedApplicationContext" +# "id-at-member" - see x509if.cnf +# "id-at-owner" - see x509if.cnf +# "id-at-roleOccupant" - see x509if.cnf +# "id-at-seeAlso" - see x509if.cnf +OctetString B "2.5.4.35" "id-at-userPassword" +# "id-at-userCertificate" - see x509af.cnf +# "id-at-cACertificate" - see x509af.cnf +# "id-at-authorityRevocationList" - see x509af.cnf +# "id-at-certificateRevocationList" - see x509af.cnf +# "id-at-crossCertificatePair" - see x509af.cnf +DirectoryString B "2.5.4.41" "id-at-name" +DirectoryString B "2.5.4.42" "id-at-givenName" +DirectoryString B "2.5.4.43" "id-at-initials" +DirectoryString B "2.5.4.44" "id-at-generationQualifier" +UniqueIdentifier B "2.5.4.45" "id-at-uniqueIdedntifier" +SyntaxPrintableString B "2.5.4.46" "id-at-dnQualifier" +EnhancedGuide B "2.5.4.47" "id-at-enhancedSearchGuide" +ProtocolInformation B "2.5.4.48" "id-at-protocolInformation" +# 49 "id-at-distinguishedName" - see x509if.cnf +NameAndOptionalUID B "2.5.4.50" "id-at-uniqueMember" +DirectoryString B "2.5.4.51" "id-at-houseIdentifier" +ObjectIdentifier B "2.5.4.52" "id-at-supportedAlgorithms" +# 53 "id-at-deltaRevocationList" - see x509af.cnf +DirectoryString B "2.5.4.54" "id-at-dmdName" +#Clearance B "2.5.4.55" "id-at-clearance" +ObjectIdentifier B "2.5.4.56" "id-at-defaultDirQop" +# 57 "id-at-attributeIntegrityInfo" - what syntax? +# 58 "id-at-attributeCertificate" - see x509af.cnf +# 59 "id-at-attributeCertificateRevocationLIst" - see x509af.cnf +# 60 "id-at-confKeyInfo" - what syntax? +# 61 ? aACertificate(61) +# 62 ? attributeDescriptorCertificate(62) +# 63 ? attributeAuthorityRevocationList(63) +# 64 "id-at-familyInformation" - what syntax? +DirectoryString B "2.5.4.65" "id-at-pseudonym" +ObjectIdentifier B "2.5.4.66" "id-at-communuicationsService" +ObjectIdentifier B "2.5.4.67" "id-at-communuicationsNetwork" + +SyntaxNumericString B "2.5.13.8" "id-mr-numericStringMatch" +CaseIgnoreListMatch B "2.5.13.11" "id-mr-caseIgnoreListMatch" +BitString B "2.5.13.16" "id-mr-bitStringMatch" +SyntaxUTCTime B "2.5.13.26" "id-mr-uTCTimeOrderingMatch" + +SyntaxGeneralizedTime B "2.5.18.1" "id-oa-createTimeStamp" +SyntaxGeneralizedTime B "2.5.18.2" "id-oa-modifyTimeStamp" +ObjectIdentifier B "2.5.18.5" "id-oa-administrativeRole" +ObjectIdentifier B "2.5.18.7" "id-oa-collectiveExclusions" +SyntaxGeneralizedTime B "2.5.18.8" "id-oa-subschemaTimeStamp" +Boolean B "2.5.18.9" "id-oa-hasSubordinates" +#id-oa-subschemaSubentryList OBJECT IDENTIFIER ::= {id-oa 10} +#id-oa-accessControlSubentryList OBJECT IDENTIFIER ::= {id-oa 11} +#id-oa-collectiveAttributeSubentryList OBJECT IDENTIFIER ::= {id-oa 12} +#id-oa-contextDefaultSubentryList OBJECT IDENTIFIER ::= {id-oa 13} +#id-oa-contextAssertionDefault OBJECT IDENTIFIER ::= {id-oa 14} +#id-oa-serviceAdminSubentryList OBJECT IDENTIFIER ::= {id-oa 15} +#id-oa-searchRules OBJECT IDENTIFIER ::= {id-oa 16} +#id-oa-hierarchyLevel OBJECT IDENTIFIER ::= {id-oa 17} +#id-oa-hierarchyBelow OBJECT IDENTIFIER ::= {id-oa 18} +#id-oa-hierarchyParent OBJECT IDENTIFIER ::= {id-oa 19} + +ObjectIdentifier B "2.5.24.1" "id-aca-accessControlScheme" + +# X402 - see master list in acp133.cnf +ObjectIdentifier B "2.6.5.2.8" "id-at-mhs-supported-automatic-actions" +ObjectIdentifier B "2.6.5.2.10" "id-at-mhs-supported-attributes" +ObjectIdentifier B "2.6.5.2.11" "id-at-mhs-supported-matching-rules" + +# ACP133 - see master list in acp133.cnf + +DirectoryString B "2.16.840.1.101.2.2.1.45" "id-at-releaseAuthorityName" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.51" "id-at-cognizantAuthority" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.53" "id-at-accountingCode" +Boolean B "2.16.840.1.101.2.2.1.54" "id-at-dualRoute" +SyntaxGeneralizedTime B "2.16.840.1.101.2.2.1.55" "id-at-effectiveDate" +SyntaxGeneralizedTime B "2.16.840.1.101.2.2.1.57" "id-at-expirationDate" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.58" "id-at-hostOrgACP127" +SyntaxGeneralizedTime B "2.16.840.1.101.2.2.1.60" "id-at-lastRecapDate" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.62" "id-at-lmf" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.63" "id-at-longTitle" +Boolean B "2.16.840.1.101.2.2.1.64" "id-at-minimize" +Boolean B "2.16.840.1.101.2.2.1.65" "id-at-minimizeOverride" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.68" "id-at-nationality" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.68.1" "id-at-collectiveNationality" +Boolean B "2.16.840.1.101.2.2.1.69" "id-at-transferStation" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.70" "id-at-plaNameACP127" +Boolean B "2.16.840.1.101.2.2.1.72" "id-at-plaReplace" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.73" "id-at-primarySpellingACP127" +Boolean B "2.16.840.1.101.2.2.1.74" "id-at-publish" +SyntaxGeneralizedTime B "2.16.840.1.101.2.2.1.75" "id-at-recapDueDate" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.77" "id-at-rI" +Boolean B "2.16.840.1.101.2.2.1.81" "id-at-section" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.82" "id-at-serviceOrAgency" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.83" "id-at-sHD" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.84" "id-at-shortTitle" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.85" "id-at-sigad" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.86" "id-at-spot" +Boolean B "2.16.840.1.101.2.2.1.87" "id-at-tARE" +TelephoneNumber B "2.16.840.1.101.2.2.1.94" "id-at-aCPMobileTelephoneNumber" +TelephoneNumber B "2.16.840.1.101.2.2.1.95" "id-at-aCPPagerTelephoneNumber" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.96" "id-at-tCC" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.97" "id-at-tRC" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.106" "id-at-accessCodes" +SyntaxGraphicString B "2.16.840.1.101.2.2.1.107" "id-at-accessSchema" +TelephoneNumber B "2.16.840.1.101.2.2.1.109" "id-at-aCPTelephoneFaxNumber" +ObjectIdentifier B "2.16.840.1.101.2.2.1.115" "id-at-gatewayType" +ObjectIdentifier B "2.16.840.1.101.2.2.1.116" "id-at-ghpType" +DirectoryString B "2.16.840.1.101.2.2.1.118" "id-at-mailDomains" +TelephoneNumber B "2.16.840.1.101.2.2.1.119" "id-at-militaryFacsimileNumber" +TelephoneNumber B "2.16.840.1.101.2.2.1.119.1" "id-at-collectiveMilitaryFacsimileNumber" +TelephoneNumber B "2.16.840.1.101.2.2.1.120" "id-at-militaryTelephoneNumber" +TelephoneNumber B "2.16.840.1.101.2.2.1.120.1" "id-at-collectiveMilitaryTelephoneNumber" +SyntaxGraphicString B "2.16.840.1.101.2.2.1.122" "id-at-networkSchema" +DirectoryString B "2.16.840.1.101.2.2.1.124" "id-at-operationName" +DirectoryString B "2.16.840.1.101.2.2.1.125" "id-at-positionNumber" +DirectoryString B "2.16.840.1.101.2.2.1.126" "id-at-proprietaryMailboxes" +TelephoneNumber B "2.16.840.1.101.2.2.1.127" "id-at-secureFacsimileNumber" +TelephoneNumber B "2.16.840.1.101.2.2.1.127.1" "id-at-collectiveSecureFacsimileNumber" +TelephoneNumber B "2.16.840.1.101.2.2.1.128" "id-at-secureTelephoneNumber" +TelephoneNumber B "2.16.840.1.101.2.2.1.128.1" "id-at-collectiveSecureTelephoneNumber" +DirectoryString B "2.16.840.1.101.2.2.1.129" "id-at-serviceNumber" +DirectoryString B "2.16.840.1.101.2.2.1.133" "id-at-rank" +DirectoryString B "2.16.840.1.101.2.2.1.143" "id-at-adminConversion" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.144" "id-at-tCCG" +DirectoryString B "2.16.840.1.101.2.2.1.145" "id-at-usdConversion" +DirectoryString B "2.16.840.1.101.2.2.1.158" "id-at-aCPRoleInformation" +DirectoryString B "2.16.840.1.101.2.2.1.159" "id-at-coalitionGrade" +TelephoneNumber B "2.16.840.1.101.2.2.1.160" "id-at-militaryIPPhoneNumber" +ObjectIdentifier B "2.16.840.1.101.2.2.1.161" "id-at-fileTypeInfoCapability" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.172" "id-at-aCPFunctionalDescription" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.173" "id-at-alternatePLAName" +SyntaxGeneralizedTime B "2.16.840.1.101.2.2.1.174" "id-at-aCPEntryCreationDate" +SyntaxGeneralizedTime B "2.16.840.1.101.2.2.1.175" "id-at-aCPEntryModificationDate" +ObjectIdentifier B "2.16.840.1.101.2.2.1.176" "id-at-aCPEntryType" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.177" "id-at-aCPEntryUniqueId" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.178" "id-at-aCPCitizenship" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.179" "id-at-aCPEID" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.180" "id-at-aCPCOI" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.181" "id-at-aCPPublishTo" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.182" "id-at-aCPSvcApps" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.183" "id-at-aCPDirectionsTo" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.185" "id-at-aCPLatitude" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.186" "id-at-aCPLocationMap" +SyntaxPrintableString B "2.16.840.1.101.2.2.1.187" "id-at-aCPLongitude" + +# PKCS#9 + +SyntaxIA5String B "1.2.840.113549.1.9.1" "pkcs-9-at-emailAddress" +#PKCS9String B "1.2.840.113549.1.9.2" "pkcs-9-at-unstructuredName" - TBD +#ContentType B "1.2.840.113549.1.9.3" "pkcs-9-at-contentType" - see cms.cnf +#MessageDigest B "1.2.840.113549.1.9.4" "pkcs-9-at-messageDigest" - see cms.cnf +#SigningTime B "1.2.840.113549.1.9.5" "pkcs-9-at-signingTime" - see cms.cnf +#Countersignature B "1.2.840.113549.1.9.6" "pkcs-9-at-counterSignature" - see cms.cnf +DirectoryString B "1.2.840.113549.1.9.7" "pkcs-9-at-challengePassword" +DirectoryString B "1.2.840.113549.1.9.8" "pkcs-9-at-unstructuredAddress" +#SETOFAttribute B "1.2.840.113549.1.9.9" "pkcs-9-at-extendedCertificateAttributes" - TBD +DirectoryString B "1.2.840.113549.1.9.13" "pkcs-9-at-signingDescription" +#ExtensionRequest B "1.2.840.113549.1.9.14" "pkcs-9-at-extensionRequest" - TBD +#SMIMECapabiliaties B "1.2.840.113549.1.9.15" "pkcs-9-at-smimeCapabilities" - TBD +SyntaxBMPString B "1.2.840.113549.1.9.20" "pkcs-9-at-friendlyName" +OctetString B "1.2.840.113549.1.9.21" "pkcs-9-at-localKeyId" +#PKCS15Token B "1.2.840.113549.1.9.25.1" "pkcs-9-at-pkcs15Token" - TBD +#EncryptedPrivateKeyInfo B "1.2.840.113549.1.9.25.2" "pkcs-9-at-encryptedPrivateKeyInfo" - see pkcs12.cnf +OctetString B "1.2.840.113549.1.9.25.3" "pkcs-9-at-randomNonce" # move to PKCS#9 when defined +Integer B "1.2.840.113549.1.9.25.4" "pkcs-9-at-sequenceNumber" # move to PKCS#9 when defined +#ContentInfo B "1.2.840.113549.1.9.25.5" "pkcs-9-at-pkcs7PDU" - TBD - not the same as CMS ContentInfo + +SyntaxGeneralizedTime B "1.3.6.1.5.5.7.9.1" "pkcs-9-at-dateOfBirth" +DirectoryString B "1.3.6.1.5.5.7.9.2" "pkcs-9-at-placeOfBirth" +SyntaxPrintableString B "1.3.6.1.5.5.7.9.3" "pkcs-9-at-gender" +SyntaxPrintableString B "1.3.6.1.5.5.7.9.4" "pkcs-9-at-countryOfCitizenship" +SyntaxPrintableString B "1.3.6.1.5.5.7.9.5" "pkcs-9-at-countryOfResidence" + +# RFC 2247 +SyntaxIA5String B "0.9.2342.19200300.100.1.25" "dc" + +# RFC 2798 - The LDAP inetOrgPerson Object Class +DirectoryString B "2.16.840.1.113730.3.1.1" "carLicense" +DirectoryString B "2.16.840.1.113730.3.1.2" "departmentNumber" +DirectoryString B "2.16.840.1.113730.3.1.3" "employeeNumber" +DirectoryString B "2.16.840.1.113730.3.1.4" "employeeType" +#JPEG B "0.9.2342.19200300.100.1.60" "jpegPhoto" - see packet-jpeg.c +DirectoryString B "2.16.840.1.113730.3.1.39" "preferredLanguage" +#SignedData B "2.16.840.1.113730.3.1.40" "userSMIMECertificate" - see cms.cnf +#PFX B "2.16.840.1.113730.3.1.216" "pkcs-9-at-PKCS12" - see pkcs12.cnf +DirectoryString B "2.16.840.1.113730.3.1.241" "displayName" + +# Microsoft-specific +# GeneralName other-name +SyntaxBMPString B "1.3.6.1.4.1.311.20.2" "id-ms-certificate-template-name" +SyntaxUTF8String B "1.3.6.1.4.1.311.20.2.3" "id-ms-user-principal-name" +SyntaxBMPString B "1.3.6.1.4.1.311.17.1" "id-ms-local-machine-keyset" +Integer B "1.3.6.1.4.1.311.21.1" "id-ms-ca-version" +OctetString B "1.3.6.1.4.1.311.21.2" "id-ms-previous-cert-hash" +Integer B "1.3.6.1.4.1.311.21.3" "id-ms-virtual-base" +SyntaxUTCTime B "1.3.6.1.4.1.311.21.4" "id-ms-next-publish" + +# unknown X.420 PerRecipientExtensionField +Integer B "1.2.826.0.1063.7.0.0.0" "unknown-UK-organisation-defined-extension" + +# NEXOR Originating UA +SyntaxIA5String B "1.2.826.0.1004.10.1.1" "nexor-originating-ua" + +# X.420 Message Store Attributes - see p22.cnf +Boolean B "2.6.1.6.3" "id-sat-ipm-auto-discarded" + +# RFC 4530 +GUID B "1.3.6.1.1.16.4" "entryUUID" + +# Guidelines for Extended Validation Certificates (http://www.cabforum.org/EV_Certificate_Guidelines_draft11.pdf) +DirectoryString B "1.3.6.1.4.1.311.60.2.1.1" "jurisdictionOfIncorporationLocalityName" +DirectoryString B "1.3.6.1.4.1.311.60.2.1.2" "jurisdictionOfIncorporationStateOrProvinceName" +CountryName B "1.3.6.1.4.1.311.60.2.1.3" "jurisdictionOfIncorporationCountryName" + +#.NO_EMIT + +#.TYPE_RENAME + +#.FIELD_RENAME +OctetSubstringAssertion/_item/any any_substring +OctetSubstringAssertion/_item/final finall_substring +OctetSubstringAssertion/_item/initial initial_substring +XDayOf/first first_dayof +XDayOf/second second_dayof +XDayOf/third third_dayof +XDayOf/fourth fourth_dayof +XDayOf/fifth fifth_dayof + +#.END + +#.FN_BODY SyntaxUTCTime + char *outstr, *newstr; + guint32 tvblen; + + /* the 2-digit year can only be in the range 1950..2049 https://tools.ietf.org/html/rfc5280#section-4.1.2.5.1 */ + offset = dissect_ber_UTCTime(implicit_tag, actx, tree, tvb, offset, hf_index, &outstr, &tvblen); + if (hf_index >= 0 && outstr) { + newstr = wmem_strconcat(actx->pinfo->pool, outstr[0] < '5' ? "20": "19", outstr, NULL); + proto_tree_add_string(tree, hf_index, tvb, offset - tvblen, tvblen, newstr); + } + +#.FN_BODY GUID + gint8 ber_class; + bool pc; + gint32 tag; + guint32 len; + e_guid_t uuid; + + if(!implicit_tag){ + offset=dissect_ber_identifier(actx->pinfo, tree, tvb, offset, &ber_class, &pc, &tag); + offset=dissect_ber_length(actx->pinfo, tree, tvb, offset, &len, NULL); + } else { + gint32 remaining=tvb_reported_length_remaining(tvb, offset); + len=remaining>0 ? remaining : 0; + } + + tvb_get_ntohguid (tvb, offset, &uuid); + actx->created_item = proto_tree_add_guid(tree, hf_index, tvb, offset, len, &uuid); +#.END + +#.TYPE_ATTR +DirectoryString/teletexString DISPLAY = BASE_NONE + +#.TYPE_ATTR +SyntaxTeletexString DISPLAY = BASE_NONE + +#.TYPE_ATTR +SyntaxT61String DISPLAY = BASE_NONE + +#.TYPE_ATTR +SyntaxVideotexString DISPLAY = BASE_NONE + +#.END + + -- cgit v1.2.3