# x509.cnf # X509 conformation file #.IMPORT ../x509ce/x509ce-exp.cnf #.IMPORT ../x509if/x509if-exp.cnf #.IMPORT ../x509sat/x509sat-exp.cnf #.MODULE_EXPORTS EXTERN WS_DLL Certificate #.MODULE_EXPORTS EXTENSION ACPathData AlgorithmIdentifier AttCertValidityPeriod AttributeCertificate AttributeCertificateAssertion AttributeCertificateInfo AttributeCertificationPath Certificate_PDU Certificates CertificateList CertificatePair CertificateSerialNumber CertificationPath CrossCertificates Extension Extensions ForwardCertificationPath IssuerSerial SubjectPublicKeyInfo Time Validity Version #.PDU SubjectPublicKeyInfo #.REGISTER Certificate B "2.5.4.36" "id-at-userCertificate" Certificate B "2.5.4.37" "id-at-cAcertificate" CertificateList B "2.5.4.38" "id-at-authorityRevocationList" CertificateList B "2.5.4.39" "id-at-certificateRevocationList" CertificatePair B "2.5.4.40" "id-at-crossCertificatePair" CertificateList B "2.5.4.53" "id-at-deltaRevocationList" AttributeCertificate B "2.5.4.58" "id-at-attributeCertificate" CertificateList B "2.5.4.59" "id-at-attributeCertificateRevocationList" DSS-Params B "1.2.840.10040.4.1" "id-dsa" # WS Implemet from RFC 1274 Userid B "0.9.2342.19200300.100.1.1" "id-userid" #.TYPE_RENAME AttributeCertificateInfo/subject InfoSubject AttributeCertificateAssertion/subject AssertionSubject #.FIELD_RENAME AttributeCertificateInfo/issuer issuerName AttributeCertificateInfo/subject info_subject AttributeCertificateAssertion/subject assertion_subject AttributeCertificateAssertion/issuer assertionIssuer AttributeCertificateInfo/subject/subjectName infoSubjectName AttributeCertificateAssertion/subject/subjectName assertionSubjectName IssuerSerial/issuer issuerName CertificateList/signedCertificateList/revokedCertificates/_item/userCertificate revokedUserCertificate #.END #.FN_PARS AlgorithmIdentifier/algorithmId FN_VARIANT = _str HF_INDEX = hf_x509af_algorithm_id VAL_PTR = &actx->external.direct_reference #.FN_BODY AlgorithmIdentifier/algorithmId const char *name; %(DEFAULT_BODY)s if (algorithm_id) { wmem_free(wmem_file_scope(), (void*)algorithm_id); } if(actx->external.direct_reference) { algorithm_id = (const char *)wmem_strdup(wmem_file_scope(), actx->external.direct_reference); name = oid_resolved_from_string(actx->pinfo->pool, actx->external.direct_reference); proto_item_append_text(tree, " (%%s)", name ? name : actx->external.direct_reference); } else { algorithm_id = NULL; } #.FN_BODY AlgorithmIdentifier/parameters offset=call_ber_oid_callback(actx->external.direct_reference, tvb, offset, actx->pinfo, tree, NULL); #.FN_HDR SubjectPublicKeyInfo int orig_offset = offset; #.FN_FTR SubjectPublicKeyInfo x509af_export_publickey(tvb, actx, orig_offset, offset - orig_offset); #.END #.FN_BODY SubjectPublicKeyInfo/subjectPublicKey tvbuff_t *bs_tvb = NULL; # proto_tree *subtree; dissect_ber_bitstring(false, actx, NULL, tvb, offset, NULL, 0, hf_index, -1, &bs_tvb); /* See RFC 3279 for possible subjectPublicKey values given an Algorithm ID. * The contents of subjectPublicKey are always explicitly tagged. */ if (bs_tvb && !g_strcmp0(algorithm_id, "1.2.840.113549.1.1.1")) { /* id-rsa */ offset += dissect_pkcs1_RSAPublicKey(false, bs_tvb, 0, actx, tree, hf_index); # TODO: PKCS#1 only defines RSA; DH and DSA are from PKIX1Algorithms2008 # } else if (bs_tvb && !g_strcmp0(algorithm_id, "1.2.840.10040.4.1")) { /* id-dsa */ # subtree = proto_item_add_subtree(actx->created_item, ett_subjectpublickey); # offset += dissect_DSAPublicKey(false, bs_tvb, 0, actx, subtree, hf_dsa_y); # # } else if (bs_tvb && !g_strcmp0(algorithm_id, "1.2.840.10046.2.1")) { /* dhpublicnumber */ # subtree = proto_item_add_subtree(actx->created_item, ett_subjectpublickey); # offset += dissect_DHPublicKey(false, bs_tvb, 0, actx, subtree, hf_dh_y); # } else { offset = dissect_ber_bitstring(false, actx, tree, tvb, offset, NULL, 0, hf_index, -1, NULL); } #.FN_PARS Extension/extnId FN_VARIANT = _str HF_INDEX = hf_x509af_extension_id VAL_PTR = &actx->external.direct_reference #.FN_BODY Extension/extnId const char *name; %(DEFAULT_BODY)s if(actx->external.direct_reference) { name = oid_resolved_from_string(actx->pinfo->pool, actx->external.direct_reference); proto_item_append_text(tree, " (%%s)", name ? name : actx->external.direct_reference); } #.FN_BODY Extension/extnValue int8_t ber_class; bool pc, ind; int32_t tag; uint32_t len; /* skip past the T and L */ offset = dissect_ber_identifier(actx->pinfo, tree, tvb, offset, &ber_class, &pc, &tag); offset = dissect_ber_length(actx->pinfo, tree, tvb, offset, &len, &ind); offset=call_ber_oid_callback(actx->external.direct_reference, tvb, offset, actx->pinfo, tree, NULL); #.FN_BODY Time/utcTime char *outstr, *newstr; uint32_t tvblen; /* the 2-digit year can only be in the range 1950..2049 https://tools.ietf.org/html/rfc5280#section-4.1.2.5.1 */ offset = dissect_ber_UTCTime(implicit_tag, actx, tree, tvb, offset, hf_index, &outstr, &tvblen); if (hf_index > 0 && outstr) { newstr = wmem_strconcat(actx->pinfo->pool, outstr[0] < '5' ? "20": "19", outstr, NULL); proto_tree_add_string(tree, hf_index, tvb, offset - tvblen, tvblen, newstr); } #.FN_BODY SubjectName const char* str; %(DEFAULT_BODY)s str = x509if_get_last_dn(); proto_item_append_text(proto_item_get_parent(tree), " (%%s)", str?str:""); #.TYPE_ATTR CertificateSerialNumber TYPE = FT_BYTES DISPLAY = BASE_NONE DSS-Params/p TYPE = FT_BYTES DISPLAY = BASE_NONE DSS-Params/q TYPE = FT_BYTES DISPLAY = BASE_NONE DSS-Params/g TYPE = FT_BYTES DISPLAY = BASE_NONE #.FN_PARS CertificateSerialNumber FN_VARIANT = 64 #.END