forked from osmocom/wireshark
New "protocol" the support functions from RFC2511 Certificate Request Message Format CRMF
svn path=/trunk/; revision=12825
This commit is contained in:
parent
69dd4345c1
commit
131c4164b4
|
@ -0,0 +1,287 @@
|
|||
-- This ASN1 definition is taken from RFC2511 and modified to pass through
|
||||
-- the ASN2ETH compiler.
|
||||
--
|
||||
-- The copyright statement from the original description in RFC2511
|
||||
-- follows below:
|
||||
--
|
||||
--
|
||||
-- Full Copyright Statement
|
||||
--
|
||||
-- Copyright (C) The Internet Society (1999). All Rights Reserved.
|
||||
--
|
||||
-- This document and translations of it may be copied and furnished to
|
||||
-- others, and derivative works that comment on or otherwise explain it
|
||||
-- or assist in its implementation may be prepared, copied, published
|
||||
-- and distributed, in whole or in part, without restriction of any
|
||||
-- kind, provided that the above copyright notice and this paragraph are
|
||||
-- included on all such copies and derivative works. However, this
|
||||
-- document itself may not be modified in any way, such as by removing
|
||||
-- the copyright notice or references to the Internet Society or other
|
||||
-- Internet organizations, except as needed for the purpose of
|
||||
-- developing Internet standards in which case the procedures for
|
||||
-- copyrights defined in the Internet Standards process must be
|
||||
-- followed, or as required to translate it into languages other than
|
||||
-- English.
|
||||
--
|
||||
-- The limited permissions granted above are perpetual and will not be
|
||||
-- revoked by the Internet Society or its successors or assigns.
|
||||
--
|
||||
-- This document and the information contained herein is provided on an
|
||||
-- "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
|
||||
-- TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
|
||||
-- BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
|
||||
-- HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
|
||||
-- MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
||||
|
||||
--PKIXCRMF {iso(1) identified-organization(3) dod(6) internet(1)
|
||||
-- security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-crmf(5)}
|
||||
|
||||
CRMF DEFINITIONS IMPLICIT TAGS ::=
|
||||
BEGIN
|
||||
|
||||
IMPORTS
|
||||
-- Directory Authentication Framework (X.509)
|
||||
AlgorithmIdentifier, Name,
|
||||
SubjectPublicKeyInfo, Extensions
|
||||
FROM PKIX1Explicit88 {iso(1) identified-organization(3) dod(6)
|
||||
internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
|
||||
id-pkix1-explicit-88(1)}
|
||||
|
||||
-- Certificate Extensions (X.509)
|
||||
GeneralName
|
||||
FROM PKIX1Implicit88 {iso(1) identified-organization(3) dod(6)
|
||||
internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
|
||||
id-pkix1-implicit-88(2)}
|
||||
|
||||
-- Cryptographic Message Syntax
|
||||
EnvelopedData
|
||||
FROM CryptographicMessageSyntax { iso(1) member-body(2)
|
||||
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16)
|
||||
modules(0) cms(1) };
|
||||
|
||||
|
||||
--copied in from pkix1explicit
|
||||
Version ::= INTEGER { v1(0), v2(1), v3(2) }
|
||||
UniqueIdentifier ::= BIT STRING
|
||||
Time ::= CHOICE {
|
||||
utcTime UTCTime,
|
||||
generalTime GeneralizedTime }
|
||||
|
||||
|
||||
|
||||
CertReqMessages ::= SEQUENCE SIZE (1..MAX) OF CertReqMsg
|
||||
|
||||
CertReqMsg ::= SEQUENCE {
|
||||
certReq CertRequest,
|
||||
pop ProofOfPossession OPTIONAL,
|
||||
-- content depends upon key type
|
||||
regInfo SEQUENCE SIZE(1..MAX) OF AttributeTypeAndValue OPTIONAL }
|
||||
|
||||
CertRequest ::= SEQUENCE {
|
||||
certReqId INTEGER, -- ID for matching request and reply
|
||||
certTemplate CertTemplate, -- Selected fields of cert to be issued
|
||||
controls Controls OPTIONAL } -- Attributes affecting issuance
|
||||
|
||||
CertTemplate ::= SEQUENCE {
|
||||
version [0] Version OPTIONAL,
|
||||
serialNumber [1] INTEGER OPTIONAL,
|
||||
signingAlg [2] AlgorithmIdentifier OPTIONAL,
|
||||
issuer [3] Name OPTIONAL,
|
||||
validity [4] OptionalValidity OPTIONAL,
|
||||
subject [5] Name OPTIONAL,
|
||||
publicKey [6] SubjectPublicKeyInfo OPTIONAL,
|
||||
issuerUID [7] UniqueIdentifier OPTIONAL,
|
||||
subjectUID [8] UniqueIdentifier OPTIONAL,
|
||||
extensions [9] Extensions OPTIONAL }
|
||||
|
||||
OptionalValidity ::= SEQUENCE {
|
||||
notBefore [0] Time OPTIONAL,
|
||||
notAfter [1] Time OPTIONAL } --at least one MUST be present
|
||||
|
||||
Controls ::= SEQUENCE SIZE(1..MAX) OF AttributeTypeAndValue
|
||||
|
||||
AttributeTypeAndValue ::= SEQUENCE {
|
||||
type OBJECT IDENTIFIER,
|
||||
value ANY }
|
||||
|
||||
ProofOfPossession ::= CHOICE {
|
||||
raVerified [0] NULL,
|
||||
-- used if the RA has already verified that the requester is in
|
||||
-- possession of the private key
|
||||
signature [1] POPOSigningKey,
|
||||
keyEncipherment [2] POPOPrivKey,
|
||||
keyAgreement [3] POPOPrivKey }
|
||||
|
||||
POPOSigningKey ::= SEQUENCE {
|
||||
poposkInput [0] POPOSigningKeyInput OPTIONAL,
|
||||
algorithmIdentifier AlgorithmIdentifier,
|
||||
signature BIT STRING }
|
||||
-- The signature (using "algorithmIdentifier") is on the
|
||||
-- DER-encoded value of poposkInput. NOTE: If the CertReqMsg
|
||||
-- certReq CertTemplate contains the subject and publicKey values,
|
||||
-- then poposkInput MUST be omitted and the signature MUST be
|
||||
-- computed on the DER-encoded value of CertReqMsg certReq. If
|
||||
-- the CertReqMsg certReq CertTemplate does not contain the public
|
||||
-- key and subject values, then poposkInput MUST be present and
|
||||
-- MUST be signed. This strategy ensures that the public key is
|
||||
-- not present in both the poposkInput and CertReqMsg certReq
|
||||
-- CertTemplate fields.
|
||||
|
||||
POPOSigningKeyInput ::= SEQUENCE {
|
||||
authInfo CHOICE {
|
||||
sender [0] GeneralName,
|
||||
-- used only if an authenticated identity has been
|
||||
-- established for the sender (e.g., a DN from a
|
||||
-- previously-issued and currently-valid certificate
|
||||
publicKeyMAC PKMACValue },
|
||||
-- used if no authenticated GeneralName currently exists for
|
||||
-- the sender; publicKeyMAC contains a password-based MAC
|
||||
-- on the DER-encoded value of publicKey
|
||||
publicKey SubjectPublicKeyInfo } -- from CertTemplate
|
||||
|
||||
PKMACValue ::= SEQUENCE {
|
||||
algId AlgorithmIdentifier,
|
||||
-- algorithm value shall be PasswordBasedMac {1 2 840 113533 7 66 13}
|
||||
-- parameter value is PBMParameter
|
||||
value BIT STRING }
|
||||
|
||||
PBMParameter ::= SEQUENCE {
|
||||
salt OCTET STRING,
|
||||
owf AlgorithmIdentifier,
|
||||
-- AlgId for a One-Way Function (SHA-1 recommended)
|
||||
iterationCount INTEGER,
|
||||
-- number of times the OWF is applied
|
||||
mac AlgorithmIdentifier
|
||||
-- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11],
|
||||
} -- or HMAC [RFC2104, RFC2202])
|
||||
|
||||
POPOPrivKey ::= CHOICE {
|
||||
thisMessage [0] BIT STRING,
|
||||
-- posession is proven in this message (which contains the private
|
||||
-- key itself (encrypted for the CA))
|
||||
subsequentMessage [1] SubsequentMessage,
|
||||
-- possession will be proven in a subsequent message
|
||||
dhMAC [2] BIT STRING }
|
||||
-- for keyAgreement (only), possession is proven in this message
|
||||
-- (which contains a MAC (over the DER-encoded value of the
|
||||
-- certReq parameter in CertReqMsg, which MUST include both subject
|
||||
-- and publicKey) based on a key derived from the end entity's
|
||||
-- private DH key and the CA's public DH key);
|
||||
-- the dhMAC value MUST be calculated as per the directions given
|
||||
-- in Appendix A.
|
||||
|
||||
SubsequentMessage ::= INTEGER {
|
||||
encrCert (0),
|
||||
-- requests that resulting certificate be encrypted for the
|
||||
-- end entity (following which, POP will be proven in a
|
||||
-- confirmation message)
|
||||
challengeResp (1) }
|
||||
-- requests that CA engage in challenge-response exchange with
|
||||
-- end entity in order to prove private key possession
|
||||
|
||||
-- Object identifier assignments --
|
||||
|
||||
id-pkix OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
|
||||
dod(6) internet(1) security(5) mechanisms(5) 7 }
|
||||
|
||||
-- arc for Internet X.509 PKI protocols and their components
|
||||
id-pkip OBJECT IDENTIFIER ::= { id-pkix 5 }
|
||||
|
||||
-- Registration Controls in CRMF
|
||||
id-regCtrl OBJECT IDENTIFIER ::= { id-pkip 1 }
|
||||
|
||||
-- The following definition may be uncommented for use with
|
||||
-- ASN.1 compilers which do not understand UTF8String.
|
||||
|
||||
-- UTF8String ::= [UNIVERSAL 12] IMPLICIT OCTET STRING
|
||||
|
||||
id-regCtrl-regToken OBJECT IDENTIFIER ::= { id-regCtrl 1 }
|
||||
--with syntax:
|
||||
RegToken ::= UTF8String
|
||||
|
||||
id-regCtrl-authenticator OBJECT IDENTIFIER ::= { id-regCtrl 2 }
|
||||
--with syntax:
|
||||
Authenticator ::= UTF8String
|
||||
|
||||
id-regCtrl-pkiPublicationInfo OBJECT IDENTIFIER ::= { id-regCtrl 3 }
|
||||
--with syntax:
|
||||
|
||||
PKIPublicationInfo ::= SEQUENCE {
|
||||
action INTEGER {
|
||||
dontPublish (0),
|
||||
pleasePublish (1) },
|
||||
pubInfos SEQUENCE SIZE (1..MAX) OF SinglePubInfo OPTIONAL }
|
||||
-- pubInfos MUST NOT be present if action is "dontPublish"
|
||||
-- (if action is "pleasePublish" and pubInfos is omitted,
|
||||
-- "dontCare" is assumed)
|
||||
|
||||
SinglePubInfo ::= SEQUENCE {
|
||||
pubMethod INTEGER {
|
||||
dontCare (0),
|
||||
x500 (1),
|
||||
web (2),
|
||||
ldap (3) },
|
||||
pubLocation GeneralName OPTIONAL }
|
||||
|
||||
id-regCtrl-pkiArchiveOptions OBJECT IDENTIFIER ::= { id-regCtrl 4 }
|
||||
--with syntax:
|
||||
PKIArchiveOptions ::= CHOICE {
|
||||
encryptedPrivKey [0] EncryptedKey,
|
||||
-- the actual value of the private key
|
||||
keyGenParameters [1] KeyGenParameters,
|
||||
-- parameters which allow the private key to be re-generated
|
||||
archiveRemGenPrivKey [2] BOOLEAN }
|
||||
-- set to TRUE if sender wishes receiver to archive the private
|
||||
-- key of a key pair which the receiver generates in response to
|
||||
-- this request; set to FALSE if no archival is desired.
|
||||
|
||||
EncryptedKey ::= CHOICE {
|
||||
encryptedValue EncryptedValue,
|
||||
envelopedData [0] EnvelopedData }
|
||||
-- The encrypted private key MUST be placed in the envelopedData
|
||||
-- encryptedContentInfo encryptedContent OCTET STRING.
|
||||
|
||||
|
||||
EncryptedValue ::= SEQUENCE {
|
||||
intendedAlg [0] AlgorithmIdentifier OPTIONAL,
|
||||
-- the intended algorithm for which the value will be used
|
||||
symmAlg [1] AlgorithmIdentifier OPTIONAL,
|
||||
-- the symmetric algorithm used to encrypt the value
|
||||
encSymmKey [2] BIT STRING OPTIONAL,
|
||||
-- the (encrypted) symmetric key used to encrypt the value
|
||||
keyAlg [3] AlgorithmIdentifier OPTIONAL,
|
||||
-- algorithm used to encrypt the symmetric key
|
||||
valueHint [4] OCTET STRING OPTIONAL,
|
||||
-- a brief description or identifier of the encValue content
|
||||
-- (may be meaningful only to the sending entity, and used only
|
||||
-- if EncryptedValue might be re-examined by the sending entity
|
||||
-- in the future)
|
||||
encValue BIT STRING }
|
||||
-- the encrypted value itself
|
||||
|
||||
KeyGenParameters ::= OCTET STRING
|
||||
|
||||
id-regCtrl-oldCertID OBJECT IDENTIFIER ::= { id-regCtrl 5 }
|
||||
--with syntax:
|
||||
OldCertId ::= CertId
|
||||
|
||||
CertId ::= SEQUENCE {
|
||||
issuer GeneralName,
|
||||
serialNumber INTEGER }
|
||||
|
||||
id-regCtrl-protocolEncrKey OBJECT IDENTIFIER ::= { id-regCtrl 6 }
|
||||
--with syntax:
|
||||
ProtocolEncrKey ::= SubjectPublicKeyInfo
|
||||
|
||||
-- Registration Info in CRMF
|
||||
id-regInfo OBJECT IDENTIFIER ::= { id-pkip 2 }
|
||||
|
||||
id-regInfo-utf8Pairs OBJECT IDENTIFIER ::= { id-regInfo 1 }
|
||||
--with syntax
|
||||
UTF8Pairs ::= UTF8String
|
||||
|
||||
id-regInfo-certReq OBJECT IDENTIFIER ::= { id-regInfo 2 }
|
||||
--with syntax
|
||||
CertReq ::= CertRequest
|
||||
|
||||
END
|
|
@ -0,0 +1,5 @@
|
|||
|
||||
../../epan/dissectors/packet-crmf.c : ../../tools/asn2eth.py CRMF.asn packet-crmf-template.c packet-crmf-template.h crmf.cnf
|
||||
python ../../tools/asn2eth.py -X -b -e -p crmf -c crmf.cnf -s packet-crmf-template CRMF.asn
|
||||
cp packet-crmf.* ../../epan/dissectors
|
||||
|
|
@ -0,0 +1,60 @@
|
|||
#.IMPORT_TAG
|
||||
CertReqMessages BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
|
||||
CertReqMsg BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
|
||||
CertRequest BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
|
||||
CertTemplate BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
|
||||
OptionalValidity BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
|
||||
Controls BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
|
||||
AttributeTypeAndValue BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
|
||||
ProofOfPossession BER_CLASS_CON -1/*choice*/
|
||||
POPOSigningKey BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
|
||||
POPOSigningKeyInput BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
|
||||
PKMACValue BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
|
||||
PBMParameter BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
|
||||
POPOPrivKey BER_CLASS_CON -1/*choice*/
|
||||
SubsequentMessage BER_CLASS_UNI BER_UNI_TAG_INTEGER
|
||||
RegToken BER_CLASS_UNI BER_UNI_TAG_UTF8String
|
||||
Authenticator BER_CLASS_UNI BER_UNI_TAG_UTF8String
|
||||
PKIPublicationInfo BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
|
||||
SinglePubInfo BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
|
||||
PKIArchiveOptions BER_CLASS_CON -1/*choice*/
|
||||
EncryptedKey -1/*choice*/ -1/*choice*/
|
||||
EncryptedValue BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
|
||||
KeyGenParameters BER_CLASS_UNI BER_UNI_TAG_OCTETSTRING
|
||||
OldCertId BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
|
||||
CertId BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
|
||||
ProtocolEncrKey BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
|
||||
UTF8Pairs BER_CLASS_UNI BER_UNI_TAG_UTF8String
|
||||
CertReq BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
|
||||
#.END
|
||||
|
||||
#.TYPE_ATTR
|
||||
CertReqMessages TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
CertReqMsg TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
CertRequest TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
CertTemplate TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
OptionalValidity TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
Controls TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
AttributeTypeAndValue TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
ProofOfPossession TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = VALS(ProofOfPossession_vals) BITMASK = 0
|
||||
POPOSigningKey TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
POPOSigningKeyInput TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
PKMACValue TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
PBMParameter TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
POPOPrivKey TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = VALS(POPOPrivKey_vals) BITMASK = 0
|
||||
SubsequentMessage TYPE = FT_INT32 DISPLAY = BASE_DEC STRINGS = VALS(SubsequentMessage_vals) BITMASK = 0
|
||||
RegToken TYPE = FT_STRING DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
Authenticator TYPE = FT_STRING DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
PKIPublicationInfo TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
SinglePubInfo TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
PKIArchiveOptions TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = VALS(PKIArchiveOptions_vals) BITMASK = 0
|
||||
EncryptedKey TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = VALS(EncryptedKey_vals) BITMASK = 0
|
||||
EncryptedValue TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
KeyGenParameters TYPE = FT_BYTES DISPLAY = BASE_HEX STRINGS = NULL BITMASK = 0
|
||||
OldCertId TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
CertId TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
ProtocolEncrKey TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
UTF8Pairs TYPE = FT_STRING DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
CertReq TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
|
||||
#.END
|
||||
|
|
@ -0,0 +1,64 @@
|
|||
# CRMF.cnf
|
||||
# CRMF conformation file
|
||||
|
||||
# $Id: cmrf.cnf 12740 2004-12-13 08:15:34Z sahlberg $
|
||||
|
||||
#.MODULE_IMPORT
|
||||
CryptographicMessageSyntax cms
|
||||
PKIX1Explicit88 pkix1explicit
|
||||
PKIX1Implicit88 pkix1implicit
|
||||
|
||||
#.INCLUDE ../cms/cms-exp.cnf
|
||||
#.INCLUDE ../pkix1explicit/pkix1explicit_exp.cnf
|
||||
#.INCLUDE ../pkix1implicit/pkix1implicit_exp.cnf
|
||||
|
||||
#.EXPORTS
|
||||
Authenticator
|
||||
AttributeTypeAndValue
|
||||
CertId
|
||||
CertReq
|
||||
CertReqMessages
|
||||
CertReqMsg
|
||||
CertRequest
|
||||
CertTemplate
|
||||
Controls
|
||||
EncryptedKey
|
||||
EncryptedValue
|
||||
KeyGenParameters
|
||||
OldCertId
|
||||
OptionalValidity
|
||||
PBMParameter
|
||||
PKIArchiveOptions
|
||||
PKIPublicationInfo
|
||||
PKMACValue
|
||||
POPOPrivKey
|
||||
POPOSigningKey
|
||||
POPOSigningKeyInput
|
||||
ProofOfPossession
|
||||
ProtocolEncrKey
|
||||
RegToken
|
||||
SinglePubInfo
|
||||
SubsequentMessage
|
||||
UTF8Pairs
|
||||
|
||||
#.REGISTER
|
||||
|
||||
#.NO_EMIT
|
||||
|
||||
#.TYPE_RENAME
|
||||
|
||||
#.FIELD_RENAME
|
||||
CertTemplate/issuer template_issuer
|
||||
POPOSigningKey/signature sk_signature
|
||||
PKMACValue/value pkmac_value
|
||||
|
||||
#.FN_BODY AttributeTypeAndValue/type
|
||||
offset = dissect_ber_object_identifier(FALSE, pinfo, tree, tvb, offset,
|
||||
hf_crmf_type_oid, object_identifier_id);
|
||||
|
||||
#.FN_BODY AttributeTypeAndValue/value
|
||||
offset=call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree);
|
||||
|
||||
#.END
|
||||
|
||||
|
|
@ -0,0 +1,91 @@
|
|||
/* packet-crmf.c
|
||||
* Routines for RFC2511 Certificate Request Message Format packet dissection
|
||||
* Ronnie Sahlberg 2004
|
||||
*
|
||||
* $Id: packet-crmf-template.c 12740 2004-12-13 08:15:34Z sahlberg $
|
||||
*
|
||||
* Ethereal - Network traffic analyzer
|
||||
* By Gerald Combs <gerald@ethereal.com>
|
||||
* Copyright 1998 Gerald Combs
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License
|
||||
* as published by the Free Software Foundation; either version 2
|
||||
* of the License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
# include "config.h"
|
||||
#endif
|
||||
|
||||
#include <glib.h>
|
||||
#include <epan/packet.h>
|
||||
#include <epan/conversation.h>
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "packet-ber.h"
|
||||
#include "packet-crmf.h"
|
||||
#include "packet-cms.h"
|
||||
#include "packet-pkix1explicit.h"
|
||||
#include "packet-pkix1implicit.h"
|
||||
|
||||
#define PNAME "Certificate Request Message Format"
|
||||
#define PSNAME "CRMF"
|
||||
#define PFNAME "crmf"
|
||||
|
||||
/* Initialize the protocol and registered fields */
|
||||
int proto_crmf = -1;
|
||||
static int hf_crmf_type_oid = -1;
|
||||
#include "packet-crmf-hf.c"
|
||||
|
||||
/* Initialize the subtree pointers */
|
||||
#include "packet-crmf-ett.c"
|
||||
|
||||
static char object_identifier_id[64]; /*64 chars should be long enough? */
|
||||
|
||||
#include "packet-crmf-fn.c"
|
||||
|
||||
|
||||
/*--- proto_register_crmf ----------------------------------------------*/
|
||||
void proto_register_crmf(void) {
|
||||
|
||||
/* List of fields */
|
||||
static hf_register_info hf[] = {
|
||||
{ &hf_crmf_type_oid,
|
||||
{ "Type", "crmf.type.oid",
|
||||
FT_STRING, BASE_NONE, NULL, 0,
|
||||
"Type of AttributeTypeAndValue", HFILL }},
|
||||
#include "packet-crmf-hfarr.c"
|
||||
};
|
||||
|
||||
/* List of subtrees */
|
||||
static gint *ett[] = {
|
||||
#include "packet-crmf-ettarr.c"
|
||||
};
|
||||
|
||||
/* Register protocol */
|
||||
proto_crmf = proto_register_protocol(PNAME, PSNAME, PFNAME);
|
||||
|
||||
/* Register fields and subtrees */
|
||||
proto_register_field_array(proto_crmf, hf, array_length(hf));
|
||||
proto_register_subtree_array(ett, array_length(ett));
|
||||
|
||||
}
|
||||
|
||||
|
||||
/*--- proto_reg_handoff_crmf -------------------------------------------*/
|
||||
void proto_reg_handoff_crmf(void) {
|
||||
/*#include "packet-crmf-dis-tab.c"*/
|
||||
}
|
||||
|
|
@ -0,0 +1,32 @@
|
|||
/* packet-crmf.h
|
||||
* Routines for RFC2511 Certificate Request Message Format packet dissection
|
||||
* Ronnie Sahlberg 2004
|
||||
*
|
||||
* $Id: packet-crmf-template.h 12573 2004-11-22 03:36:26Z sahlberg $
|
||||
*
|
||||
* Ethereal - Network traffic analyzer
|
||||
* By Gerald Combs <gerald@ethereal.com>
|
||||
* Copyright 1998 Gerald Combs
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License
|
||||
* as published by the Free Software Foundation; either version 2
|
||||
* of the License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
#ifndef PACKET_CRMF_H
|
||||
#define PACKET_CRMF_H
|
||||
|
||||
#include "packet-crmf-exp.h"
|
||||
|
||||
#endif /* PACKET_CRMF_H */
|
||||
|
|
@ -112,6 +112,7 @@ DISSECTOR_SRC = \
|
|||
packet-cosine.c \
|
||||
packet-cpfi.c \
|
||||
packet-cpha.c \
|
||||
packet-crmf.c \
|
||||
packet-cups.c \
|
||||
packet-daap.c \
|
||||
packet-data.c \
|
||||
|
@ -576,6 +577,7 @@ DISSECTOR_INCLUDES = \
|
|||
packet-clip.h \
|
||||
packet-cmip.h \
|
||||
packet-cms.h \
|
||||
packet-crmf.h \
|
||||
packet-data.h \
|
||||
packet-dccp.h \
|
||||
packet-dcerpc-atsvc.h \
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,76 @@
|
|||
/* Do not modify this file. */
|
||||
/* It is created automatically by the ASN.1 to Ethereal dissector compiler */
|
||||
/* ./packet-crmf.h */
|
||||
/* ../../tools/asn2eth.py -X -b -e -p crmf -c crmf.cnf -s packet-crmf-template CRMF.asn */
|
||||
|
||||
/* Input file: packet-crmf-template.h */
|
||||
|
||||
/* packet-crmf.h
|
||||
* Routines for RFC2511 Certificate Request Message Format packet dissection
|
||||
* Ronnie Sahlberg 2004
|
||||
*
|
||||
* $Id: packet-crmf-template.h 12573 2004-11-22 03:36:26Z sahlberg $
|
||||
*
|
||||
* Ethereal - Network traffic analyzer
|
||||
* By Gerald Combs <gerald@ethereal.com>
|
||||
* Copyright 1998 Gerald Combs
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License
|
||||
* as published by the Free Software Foundation; either version 2
|
||||
* of the License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
#ifndef PACKET_CRMF_H
|
||||
#define PACKET_CRMF_H
|
||||
|
||||
|
||||
/*--- Included file: packet-crmf-exp.h ---*/
|
||||
|
||||
extern const value_string ProofOfPossession_vals[];
|
||||
extern const value_string POPOPrivKey_vals[];
|
||||
extern const value_string SubsequentMessage_vals[];
|
||||
extern const value_string PKIArchiveOptions_vals[];
|
||||
extern const value_string EncryptedKey_vals[];
|
||||
int dissect_crmf_CertReqMessages(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_CertReqMsg(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_CertRequest(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_CertTemplate(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_OptionalValidity(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_Controls(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_AttributeTypeAndValue(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_ProofOfPossession(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_POPOSigningKey(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_POPOSigningKeyInput(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_PKMACValue(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_PBMParameter(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_POPOPrivKey(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_SubsequentMessage(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_RegToken(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_Authenticator(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_PKIPublicationInfo(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_SinglePubInfo(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_PKIArchiveOptions(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_EncryptedKey(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_EncryptedValue(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_KeyGenParameters(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_OldCertId(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_CertId(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_ProtocolEncrKey(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_UTF8Pairs(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
int dissect_crmf_CertReq(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
|
||||
|
||||
/*--- End of included file: packet-crmf-exp.h ---*/
|
||||
|
||||
|
||||
#endif /* PACKET_CRMF_H */
|
||||
|
Loading…
Reference in New Issue