New protocol PKIXQualified from RFC3739

svn path=/trunk/; revision=12528

asn1/pkixqualified/PKIXqualified.asn

@@ -0,0 +1,220 @@
+-- This ASN definition is taken from (and modified to pass through asn2eth)
+-- RFC3739
+--
+-- RFC3739 contains the followin copyright statements:
+-- 
+-- Full Copyright Statement
+-- 
+--    Copyright (C) The Internet Society (2004).  This document is subject
+--    to the rights, licenses and restrictions contained in BCP 78 and
+--    except as set forth therein, the authors retain all their rights.
+-- 
+--    This document and the information contained herein are provided on an
+--    "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
+--    REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE
+--    INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR
+--    IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
+--    THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
+--    WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+-- 
+-- Intellectual Property
+-- 
+--    The IETF takes no position regarding the validity or scope of any
+--    Intellectual Property Rights or other rights that might be claimed
+--    to pertain to the implementation or use of the technology
+--    described in this document or the extent to which any license
+--    under such rights might or might not be available; nor does it
+--    represent that it has made any independent effort to identify any
+--    such rights.  Information on the procedures with respect to
+--    rights in RFC documents can be found in BCP 78 and BCP 79.
+-- 
+--    Copies of IPR disclosures made to the IETF Secretariat and any
+--    assurances of licenses to be made available, or the result of an
+--    attempt made to obtain a general license or permission for the use
+--    of such proprietary rights by implementers or users of this
+--    specification can be obtained from the IETF on-line IPR repository
+--    at http://www.ietf.org/ipr.
+-- 
+--    The IETF invites any interested party to bring to its attention
+--    any copyrights, patents or patent applications, or other
+--    proprietary rights that may cover technology that may be required
+--    to implement this standard.  Please address the information to the
+--    IETF at ietf-ipr@ietf.org.
+-- 
+-- Acknowledgement
+-- 
+--    Funding for the RFC Editor function is currently provided by the
+--    Internet Society.
+-- 
+
+
+   PKIXqualified97 {iso(1) identified-organization(3) dod(6)
+       internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
+       id-mod-qualified-cert-97(35) }
+
+   DEFINITIONS EXPLICIT TAGS ::=
+
+   BEGIN
+
+   -- EXPORTS ALL --
+
+   IMPORTS
+
+   informationFramework, certificateExtensions, selectedAttributeTypes,
+       authenticationFramework, upperBounds, id-at
+       FROM UsefulDefinitions {joint-iso-itu-t(2) ds(5) module(1)
+       usefulDefinitions(0) 3 }
+
+   ub-name
+       FROM UpperBounds upperBounds
+
+   GeneralName
+       FROM CertificateExtensions certificateExtensions
+
+   ATTRIBUTE, AttributeType
+       FROM InformationFramework informationFramework
+
+   DirectoryString
+       FROM SelectedAttributeTypes selectedAttributeTypes
+
+   AlgorithmIdentifier, Extension, EXTENSION
+       FROM AuthenticationFramework authenticationFramework
+
+   id-pkix, id-pe
+       FROM PKIX1Explicit88 { iso(1) identified-organization(3) dod(6)
+       internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
+       id-pkix1-explicit(18) };
+
+   -- Locally defined OIDs
+
+   -- Arc for QC personal data attributes
+--   id-pda  OBJECT IDENTIFIER ::= { id-pkix 9 }
+
+   -- Arc for QC statements
+--   id-qcs  OBJECT IDENTIFIER ::= { id-pkix 11 }
+
+   -- Personal data attributes
+
+--   id-pda-dateOfBirth          AttributeType ::= { id-pda 1 }
+--   id-pda-placeOfBirth         AttributeType ::= { id-pda 2 }
+--   id-pda-gender               AttributeType ::= { id-pda 3 }
+--   id-pda-countryOfCitizenship AttributeType ::= { id-pda 4 }
+--   id-pda-countryOfResidence   AttributeType ::= { id-pda 5 }
+
+   -- Certificate extensions
+
+--   id-pe-biometricInfo         OBJECT IDENTIFIER ::= { id-pe 2 }
+--   id-pe-qcStatements          OBJECT IDENTIFIER ::= { id-pe 3 }
+
+   -- QC statements
+
+--   id-qcs-pkixQCSyntax-v1      OBJECT IDENTIFIER ::= { id-qcs 1 }
+--   id-qcs-pkixQCSyntax-v2      OBJECT IDENTIFIER ::= { id-qcs 2 }
+
+Generalizedtime ::= GeneralizedTime
+
+Directorystring ::= DirectoryString
+
+Printablestring ::= PrintableString
+
+   -- Personal data attributes
+--
+--   dateOfBirth ATTRIBUTE ::= {
+--       WITH SYNTAX GeneralizedTime
+--       ID          id-pda-dateOfBirth }
+--
+--   placeOfBirth ATTRIBUTE ::= {
+--      WITH SYNTAX DirectoryString {ub-name}
+--      ID          id-pda-placeOfBirth }
+--
+--   gender ATTRIBUTE ::= {
+--       WITH SYNTAX PrintableString (SIZE(1) ^ FROM("M"|"F"|"m"|"f"))
+--       ID          id-pda-gender }
+--
+--   countryOfCitizenship ATTRIBUTE ::= {
+--       WITH SYNTAX PrintableString (SIZE (2))
+--           (CONSTRAINED BY { })
+--       ID          id-pda-countryOfCitizenship }
+--
+--   countryOfResidence ATTRIBUTE ::= {
+--       WITH SYNTAX PrintableString (SIZE (2))
+--           (CONSTRAINED BY { })
+--       ID          id-pda-countryOfResidence }
+--
+   -- Certificate extensions
+
+   -- Biometric info extension
+--
+--   biometricInfo  EXTENSION ::= {
+--       SYNTAX             BiometricSyntax
+--       IDENTIFIED BY      id-pe-biometricInfo }
+
+   BiometricSyntax ::= SEQUENCE OF BiometricData
+
+   BiometricData ::= SEQUENCE {
+       typeOfBiometricData TypeOfBiometricData,
+       hashAlgorithm       AlgorithmIdentifier,
+       biometricDataHash   OCTET STRING,
+       sourceDataUri       IA5String OPTIONAL,
+       ... }
+
+   TypeOfBiometricData ::= CHOICE {
+       predefinedBiometricType PredefinedBiometricType,
+       biometricDataOid        OBJECT IDENTIFIER }
+
+   PredefinedBiometricType ::= INTEGER {
+       picture(0), handwritten-signature(1)}
+
+
+   -- QC Statements Extension
+   -- NOTE: This extension does not allow to mix critical and
+   -- non-critical Qualified Certificate Statements. Either all
+   -- statements must be critical or all statements must be
+   -- non-critical.
+--
+--   qcStatements  EXTENSION ::= {
+--       SYNTAX        QCStatements
+--       IDENTIFIED BY id-pe-qcStatements }
+
+   QCStatements ::= SEQUENCE OF QCStatement
+
+   QCStatement ::= SEQUENCE {
+       statementId   OBJECT IDENTIFIER,
+       statementInfo ANY OPTIONAL }
+
+--   QC-STATEMENT ::= CLASS {
+--       &id   OBJECT IDENTIFIER UNIQUE,
+--       &Type OPTIONAL }
+--       WITH SYNTAX {
+--       [SYNTAX &Type] IDENTIFIED BY &id }
+
+--   qcStatement-1 QC-STATEMENT ::= { SYNTAX SemanticsInformation
+--       IDENTIFIED BY id-qcs-pkixQCSyntax-v1}
+       --  This statement identifies conformance with requirements
+       --  defined in RFC 3039 (Version 1). This statement
+       --  may optionally contain additional semantics information
+       --  as specified below.
+
+--   qcStatement-2 QC-STATEMENT ::= { SYNTAX SemanticsInformation
+--       IDENTIFIED BY id-qcs-pkixQCSyntax-v2}
+       --  This statement identifies conformance with requirements
+       --  defined in this Qualified Certificate profile
+       --  (Version 2). This statement may optionally contain
+       --  additional semantics information as specified below.
+
+   SemanticsInformation ::= SEQUENCE {
+       semanticsIdentifier         OBJECT IDENTIFIER OPTIONAL,
+       nameRegistrationAuthorities NameRegistrationAuthorities OPTIONAL
+       }
+
+   NameRegistrationAuthorities ::= SEQUENCE OF GeneralName
+
+   -- The following information object set is defined to constrain the
+   -- set of attributes applications are required to recognize as QCSs.
+--   SupportedStatements QC-STATEMENT ::= {
+--       qcStatement-1 |
+--       qcStatement-2 , ... }
+
+   END
+
+

asn1/pkixqualified/packet-pkixqualified-template.c

@@ -0,0 +1,86 @@
+/* packet-pkixqualified.c
+ * Routines for RFC3739 PKIXqualified packet dissection
+ *  Ronnie Sahlberg 2004
+ *
+ * $Id: packet-pkixqualified-template.c 12434 2004-10-29 12:11:42Z sahlberg $
+ *
+ * Ethereal - Network traffic analyzer
+ * By Gerald Combs <gerald@ethereal.com>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <glib.h>
+#include <epan/packet.h>
+#include <epan/conversation.h>
+
+#include <stdio.h>
+#include <string.h>
+
+#include "packet-ber.h"
+#include "packet-pkixqualified.h"
+#include "packet-x509af.h"
+#include "packet-x509ce.h"
+#include "packet-x509sat.h"
+
+#define PNAME  "PKIX Qualified"
+#define PSNAME "PKIXQUALIFIED"
+#define PFNAME "pkixqualified"
+
+/* Initialize the protocol and registered fields */
+int proto_pkixqualified = -1;
+#include "packet-pkixqualified-hf.c"
+
+/* Initialize the subtree pointers */
+#include "packet-pkixqualified-ett.c"
+
+static char object_identifier_id[64]; /*64 chars should be long enough? */
+
+#include "packet-pkixqualified-fn.c"
+
+
+/*--- proto_register_pkixqualified ----------------------------------------------*/
+void proto_register_pkixqualified(void) {
+
+  /* List of fields */
+  static hf_register_info hf[] = {
+#include "packet-pkixqualified-hfarr.c"
+  };
+
+  /* List of subtrees */
+  static gint *ett[] = {
+#include "packet-pkixqualified-ettarr.c"
+  };
+
+  /* Register protocol */
+  proto_pkixqualified = proto_register_protocol(PNAME, PSNAME, PFNAME);
+
+  /* Register fields and subtrees */
+  proto_register_field_array(proto_pkixqualified, hf, array_length(hf));
+  proto_register_subtree_array(ett, array_length(ett));
+
+}
+
+
+/*--- proto_reg_handoff_pkixqualified -------------------------------------------*/
+void proto_reg_handoff_pkixqualified(void) {
+#include "packet-pkixqualified-dis-tab.c"
+}
+

asn1/pkixqualified/packet-pkixqualified-template.h

@@ -0,0 +1,31 @@
+/* packet-pkixqualified.h
+ * Routines for RFC3739 PKIXqualified packet dissection
+ *
+ * $Id: packet-pkixqualified-template.h 12434 2004-10-29 12:11:42Z sahlberg $
+ *
+ * Ethereal - Network traffic analyzer
+ * By Gerald Combs <gerald@ethereal.com>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#ifndef PACKET_PKIXQUALIFIED_H
+#define PACKET_PKIXQUALIFIED_H
+
+/*#include "packet-pkixqualified-exp.h"*/
+
+#endif  /* PACKET_PKIXQUALIFIED_H */
+

asn1/pkixqualified/pkixqualified.cnf

@@ -0,0 +1,43 @@
+# PKIXqualified.cnf
+# PKIXqualified conformation file
+
+# $Id: pkixqualified.cnf 12434 2004-10-29 12:11:42Z sahlberg $
+
+#.MODULE_IMPORT
+CertificateExtensions x509ce
+AuthenticationFramework x509af
+SelectedAttributeTypes x509sat
+
+#.INCLUDE ../x509ce/x509ce_exp.cnf
+#.INCLUDE ../x509af/x509af_exp.cnf
+#.INCLUDE ../x509sat/x509sat_exp.cnf
+
+#.EXPORTS
+
+#.REGISTER
+BiometricSyntax         B "1.3.6.1.5.5.7.1.2" "id-pe-biometricInfo"
+QCStatements            B "1.3.6.1.5.5.7.1.3" "id-pe-qcStatements"
+SemanticsInformation    B "1.3.6.1.5.5.7.11.1" "id-qcs-pkixQCSyntax-v1"
+SemanticsInformation    B "1.3.6.1.5.5.7.11.2" "id-qcs-pkixQCSyntax-v2"
+Generalizedtime         B "1.3.6.1.5.5.7.9.1" "id-pda-dateOfBirth"
+Directorystring         B "1.3.6.1.5.5.7.9.2" "id-pda-placeOfBirth"
+Printablestring         B "1.3.6.1.5.5.7.9.3" "id-pda-gender"
+Printablestring         B "1.3.6.1.5.5.7.9.4" "id-pda-countryOfCitizenship"
+Printablestring         B "1.3.6.1.5.5.7.9.5" "id-pda-countryOfResidence"
+
+#.NO_EMIT
+
+#.TYPE_RENAME
+
+#.FIELD_RENAME
+
+#.FN_BODY QCStatement/statementId
+  offset = dissect_ber_object_identifier(FALSE, pinfo, tree, tvb, offset,
+                                         hf_pkixqualified_statementId, object_identifier_id);
+
+#.FN_BODY QCStatement/statementInfo
+  offset=call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree);
+
+#.END
+
+

epan/dissectors/Makefile.common

@@ -389,6 +389,7 @@ DISSECTOR_SRC =	\
 	packet-pkcs1.c	\
 	packet-pkix1explicit.c	\
 	packet-pkix1implicit.c	\
+	packet-pkixqualified.c	\
 	packet-pkinit.c	\
 	packet-pktc.c	\
 	packet-pop.c	\
@@ -673,6 +674,7 @@ DISSECTOR_INCLUDES =	\
 	packet-pkcs1.h	\
 	packet-pkix1explicit.h	\
 	packet-pkix1implicit.h	\
+	packet-pkixqualified.h	\
 	packet-pkinit.h	\
 	packet-pktc.h	\
 	packet-portmap.h	\

epan/dissectors/packet-pkixqualified.c

@@ -0,0 +1,495 @@
+/* Do not modify this file.                                                   */
+/* It is created automatically by the ASN.1 to Ethereal dissector compiler    */
+/* ./packet-pkixqualified.c                                                   */
+/* ../../tools/asn2eth.py -X -b -e -p pkixqualified -c pkixqualified.cnf -s packet-pkixqualified-template PKIXqualified.asn */
+
+/* Input file: packet-pkixqualified-template.c */
+
+/* packet-pkixqualified.c
+ * Routines for RFC3739 PKIXqualified packet dissection
+ *  Ronnie Sahlberg 2004
+ *
+ * $Id: packet-pkixqualified-template.c 12434 2004-10-29 12:11:42Z sahlberg $
+ *
+ * Ethereal - Network traffic analyzer
+ * By Gerald Combs <gerald@ethereal.com>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <glib.h>
+#include <epan/packet.h>
+#include <epan/conversation.h>
+
+#include <stdio.h>
+#include <string.h>
+
+#include "packet-ber.h"
+#include "packet-pkixqualified.h"
+#include "packet-x509af.h"
+#include "packet-x509ce.h"
+#include "packet-x509sat.h"
+
+#define PNAME  "PKIX Qualified"
+#define PSNAME "PKIXQUALIFIED"
+#define PFNAME "pkixqualified"
+
+/* Initialize the protocol and registered fields */
+int proto_pkixqualified = -1;
+
+/*--- Included file: packet-pkixqualified-hf.c ---*/
+
+static int hf_pkixqualified_Generalizedtime_PDU = -1;  /* Generalizedtime */
+static int hf_pkixqualified_Directorystring_PDU = -1;  /* Directorystring */
+static int hf_pkixqualified_Printablestring_PDU = -1;  /* Printablestring */
+static int hf_pkixqualified_BiometricSyntax_PDU = -1;  /* BiometricSyntax */
+static int hf_pkixqualified_QCStatements_PDU = -1;  /* QCStatements */
+static int hf_pkixqualified_SemanticsInformation_PDU = -1;  /* SemanticsInformation */
+static int hf_pkixqualified_BiometricSyntax_item = -1;  /* BiometricData */
+static int hf_pkixqualified_typeOfBiometricData = -1;  /* TypeOfBiometricData */
+static int hf_pkixqualified_hashAlgorithm = -1;   /* AlgorithmIdentifier */
+static int hf_pkixqualified_biometricDataHash = -1;  /* OCTET_STRING */
+static int hf_pkixqualified_sourceDataUri = -1;   /* IA5String */
+static int hf_pkixqualified_predefinedBiometricType = -1;  /* PredefinedBiometricType */
+static int hf_pkixqualified_biometricDataOid = -1;  /* OBJECT_IDENTIFIER */
+static int hf_pkixqualified_QCStatements_item = -1;  /* QCStatement */
+static int hf_pkixqualified_statementId = -1;     /* T_statementId */
+static int hf_pkixqualified_statementInfo = -1;   /* T_statementInfo */
+static int hf_pkixqualified_semanticsIdentifier = -1;  /* OBJECT_IDENTIFIER */
+static int hf_pkixqualified_nameRegistrationAuthorities = -1;  /* NameRegistrationAuthorities */
+static int hf_pkixqualified_NameRegistrationAuthorities_item = -1;  /* GeneralName */
+
+/*--- End of included file: packet-pkixqualified-hf.c ---*/
+
+
+/* Initialize the subtree pointers */
+
+/*--- Included file: packet-pkixqualified-ett.c ---*/
+
+static gint ett_pkixqualified_BiometricSyntax = -1;
+static gint ett_pkixqualified_BiometricData = -1;
+static gint ett_pkixqualified_TypeOfBiometricData = -1;
+static gint ett_pkixqualified_QCStatements = -1;
+static gint ett_pkixqualified_QCStatement = -1;
+static gint ett_pkixqualified_SemanticsInformation = -1;
+static gint ett_pkixqualified_NameRegistrationAuthorities = -1;
+
+/*--- End of included file: packet-pkixqualified-ett.c ---*/
+
+
+static char object_identifier_id[64]; /*64 chars should be long enough? */
+
+
+/*--- Included file: packet-pkixqualified-fn.c ---*/
+
+/*--- Fields for imported types ---*/
+
+static int dissect_hashAlgorithm(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_x509af_AlgorithmIdentifier(FALSE, tvb, offset, pinfo, tree, hf_pkixqualified_hashAlgorithm);
+}
+static int dissect_NameRegistrationAuthorities_item(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_x509ce_GeneralName(FALSE, tvb, offset, pinfo, tree, hf_pkixqualified_NameRegistrationAuthorities_item);
+}
+
+
+static int
+dissect_pkixqualified_Generalizedtime(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index) {
+  offset = dissect_ber_generalized_time(pinfo, tree, tvb, offset, hf_index);
+
+  return offset;
+}
+
+
+static int
+dissect_pkixqualified_Directorystring(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index) {
+  offset = dissect_x509sat_DirectoryString(implicit_tag, tvb, offset, pinfo, tree, hf_index);
+
+  return offset;
+}
+
+
+static int
+dissect_pkixqualified_Printablestring(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index) {
+  offset = dissect_ber_restricted_string(implicit_tag, BER_UNI_TAG_PrintableString,
+                                         pinfo, tree, tvb, offset, hf_index,
+                                         NULL);
+
+  return offset;
+}
+
+
+static const value_string PredefinedBiometricType_vals[] = {
+  {   0, "picture" },
+  {   1, "handwritten-signature" },
+  { 0, NULL }
+};
+
+
+static int
+dissect_pkixqualified_PredefinedBiometricType(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index) {
+  offset = dissect_ber_integer_new(implicit_tag, pinfo, tree, tvb, offset, hf_index, NULL);
+
+  return offset;
+}
+static int dissect_predefinedBiometricType(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkixqualified_PredefinedBiometricType(FALSE, tvb, offset, pinfo, tree, hf_pkixqualified_predefinedBiometricType);
+}
+
+
+static int
+dissect_pkixqualified_OBJECT_IDENTIFIER(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index) {
+  offset = dissect_ber_object_identifier(implicit_tag, pinfo, tree, tvb, offset,
+                                         hf_index, NULL);
+
+  return offset;
+}
+static int dissect_biometricDataOid(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkixqualified_OBJECT_IDENTIFIER(FALSE, tvb, offset, pinfo, tree, hf_pkixqualified_biometricDataOid);
+}
+static int dissect_semanticsIdentifier(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkixqualified_OBJECT_IDENTIFIER(FALSE, tvb, offset, pinfo, tree, hf_pkixqualified_semanticsIdentifier);
+}
+
+
+static const value_string TypeOfBiometricData_vals[] = {
+  {   0, "predefinedBiometricType" },
+  {   1, "biometricDataOid" },
+  { 0, NULL }
+};
+
+static const ber_choice TypeOfBiometricData_choice[] = {
+  {   0, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_predefinedBiometricType },
+  {   1, BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_biometricDataOid },
+  { 0, 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkixqualified_TypeOfBiometricData(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index) {
+  offset = dissect_ber_choice(pinfo, tree, tvb, offset,
+                              TypeOfBiometricData_choice, hf_index, ett_pkixqualified_TypeOfBiometricData);
+
+  return offset;
+}
+static int dissect_typeOfBiometricData(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkixqualified_TypeOfBiometricData(FALSE, tvb, offset, pinfo, tree, hf_pkixqualified_typeOfBiometricData);
+}
+
+
+static int
+dissect_pkixqualified_OCTET_STRING(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index) {
+  offset = dissect_ber_octet_string(implicit_tag, pinfo, tree, tvb, offset, hf_index,
+                                    NULL);
+
+  return offset;
+}
+static int dissect_biometricDataHash(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkixqualified_OCTET_STRING(FALSE, tvb, offset, pinfo, tree, hf_pkixqualified_biometricDataHash);
+}
+
+
+static int
+dissect_pkixqualified_IA5String(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index) {
+  offset = dissect_ber_restricted_string(implicit_tag, BER_UNI_TAG_IA5String,
+                                         pinfo, tree, tvb, offset, hf_index,
+                                         NULL);
+
+  return offset;
+}
+static int dissect_sourceDataUri(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkixqualified_IA5String(FALSE, tvb, offset, pinfo, tree, hf_pkixqualified_sourceDataUri);
+}
+
+static const ber_sequence BiometricData_sequence[] = {
+  { BER_CLASS_UNI, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_typeOfBiometricData },
+  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_hashAlgorithm },
+  { BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_biometricDataHash },
+  { BER_CLASS_UNI, BER_UNI_TAG_IA5String, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_sourceDataUri },
+  { 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkixqualified_BiometricData(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index) {
+  offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
+                                BiometricData_sequence, hf_index, ett_pkixqualified_BiometricData);
+
+  return offset;
+}
+static int dissect_BiometricSyntax_item(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkixqualified_BiometricData(FALSE, tvb, offset, pinfo, tree, hf_pkixqualified_BiometricSyntax_item);
+}
+
+static const ber_sequence BiometricSyntax_sequence_of[1] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_BiometricSyntax_item },
+};
+
+static int
+dissect_pkixqualified_BiometricSyntax(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index) {
+  offset = dissect_ber_sequence_of(implicit_tag, pinfo, tree, tvb, offset,
+                                   BiometricSyntax_sequence_of, hf_index, ett_pkixqualified_BiometricSyntax);
+
+  return offset;
+}
+
+
+static int
+dissect_pkixqualified_T_statementId(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index) {
+  offset = dissect_ber_object_identifier(FALSE, pinfo, tree, tvb, offset,
+                                         hf_pkixqualified_statementId, object_identifier_id);
+
+
+  return offset;
+}
+static int dissect_statementId(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkixqualified_T_statementId(FALSE, tvb, offset, pinfo, tree, hf_pkixqualified_statementId);
+}
+
+
+
+static int
+dissect_pkixqualified_T_statementInfo(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index) {
+  offset=call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree);
+
+
+  return offset;
+}
+static int dissect_statementInfo(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkixqualified_T_statementInfo(FALSE, tvb, offset, pinfo, tree, hf_pkixqualified_statementInfo);
+}
+
+static const ber_sequence QCStatement_sequence[] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_statementId },
+  { BER_CLASS_ANY, 0, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_statementInfo },
+  { 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkixqualified_QCStatement(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index) {
+  offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
+                                QCStatement_sequence, hf_index, ett_pkixqualified_QCStatement);
+
+  return offset;
+}
+static int dissect_QCStatements_item(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkixqualified_QCStatement(FALSE, tvb, offset, pinfo, tree, hf_pkixqualified_QCStatements_item);
+}
+
+static const ber_sequence QCStatements_sequence_of[1] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_QCStatements_item },
+};
+
+static int
+dissect_pkixqualified_QCStatements(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index) {
+  offset = dissect_ber_sequence_of(implicit_tag, pinfo, tree, tvb, offset,
+                                   QCStatements_sequence_of, hf_index, ett_pkixqualified_QCStatements);
+
+  return offset;
+}
+
+static const ber_sequence NameRegistrationAuthorities_sequence_of[1] = {
+  { BER_CLASS_ANY, -1, BER_FLAGS_NOOWNTAG, dissect_NameRegistrationAuthorities_item },
+};
+
+static int
+dissect_pkixqualified_NameRegistrationAuthorities(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index) {
+  offset = dissect_ber_sequence_of(implicit_tag, pinfo, tree, tvb, offset,
+                                   NameRegistrationAuthorities_sequence_of, hf_index, ett_pkixqualified_NameRegistrationAuthorities);
+
+  return offset;
+}
+static int dissect_nameRegistrationAuthorities(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkixqualified_NameRegistrationAuthorities(FALSE, tvb, offset, pinfo, tree, hf_pkixqualified_nameRegistrationAuthorities);
+}
+
+static const ber_sequence SemanticsInformation_sequence[] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_semanticsIdentifier },
+  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_nameRegistrationAuthorities },
+  { 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkixqualified_SemanticsInformation(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index) {
+  offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
+                                SemanticsInformation_sequence, hf_index, ett_pkixqualified_SemanticsInformation);
+
+  return offset;
+}
+
+/*--- PDUs ---*/
+
+static void dissect_Generalizedtime_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  dissect_pkixqualified_Generalizedtime(FALSE, tvb, 0, pinfo, tree, hf_pkixqualified_Generalizedtime_PDU);
+}
+static void dissect_Directorystring_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  dissect_pkixqualified_Directorystring(FALSE, tvb, 0, pinfo, tree, hf_pkixqualified_Directorystring_PDU);
+}
+static void dissect_Printablestring_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  dissect_pkixqualified_Printablestring(FALSE, tvb, 0, pinfo, tree, hf_pkixqualified_Printablestring_PDU);
+}
+static void dissect_BiometricSyntax_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  dissect_pkixqualified_BiometricSyntax(FALSE, tvb, 0, pinfo, tree, hf_pkixqualified_BiometricSyntax_PDU);
+}
+static void dissect_QCStatements_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  dissect_pkixqualified_QCStatements(FALSE, tvb, 0, pinfo, tree, hf_pkixqualified_QCStatements_PDU);
+}
+static void dissect_SemanticsInformation_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  dissect_pkixqualified_SemanticsInformation(FALSE, tvb, 0, pinfo, tree, hf_pkixqualified_SemanticsInformation_PDU);
+}
+
+
+/*--- End of included file: packet-pkixqualified-fn.c ---*/
+
+
+
+/*--- proto_register_pkixqualified ----------------------------------------------*/
+void proto_register_pkixqualified(void) {
+
+  /* List of fields */
+  static hf_register_info hf[] = {
+
+/*--- Included file: packet-pkixqualified-hfarr.c ---*/
+
+    { &hf_pkixqualified_Generalizedtime_PDU,
+      { "Generalizedtime", "pkixqualified.Generalizedtime",
+        FT_STRING, BASE_NONE, NULL, 0,
+        "Generalizedtime", HFILL }},
+    { &hf_pkixqualified_Directorystring_PDU,
+      { "Directorystring", "pkixqualified.Directorystring",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "Directorystring", HFILL }},
+    { &hf_pkixqualified_Printablestring_PDU,
+      { "Printablestring", "pkixqualified.Printablestring",
+        FT_STRING, BASE_NONE, NULL, 0,
+        "Printablestring", HFILL }},
+    { &hf_pkixqualified_BiometricSyntax_PDU,
+      { "BiometricSyntax", "pkixqualified.BiometricSyntax",
+        FT_UINT32, BASE_DEC, NULL, 0,
+        "BiometricSyntax", HFILL }},
+    { &hf_pkixqualified_QCStatements_PDU,
+      { "QCStatements", "pkixqualified.QCStatements",
+        FT_UINT32, BASE_DEC, NULL, 0,
+        "QCStatements", HFILL }},
+    { &hf_pkixqualified_SemanticsInformation_PDU,
+      { "SemanticsInformation", "pkixqualified.SemanticsInformation",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "SemanticsInformation", HFILL }},
+    { &hf_pkixqualified_BiometricSyntax_item,
+      { "Item", "pkixqualified.BiometricSyntax_item",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "BiometricSyntax/_item", HFILL }},
+    { &hf_pkixqualified_typeOfBiometricData,
+      { "typeOfBiometricData", "pkixqualified.typeOfBiometricData",
+        FT_UINT32, BASE_DEC, VALS(TypeOfBiometricData_vals), 0,
+        "BiometricData/typeOfBiometricData", HFILL }},
+    { &hf_pkixqualified_hashAlgorithm,
+      { "hashAlgorithm", "pkixqualified.hashAlgorithm",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "BiometricData/hashAlgorithm", HFILL }},
+    { &hf_pkixqualified_biometricDataHash,
+      { "biometricDataHash", "pkixqualified.biometricDataHash",
+        FT_BYTES, BASE_HEX, NULL, 0,
+        "BiometricData/biometricDataHash", HFILL }},
+    { &hf_pkixqualified_sourceDataUri,
+      { "sourceDataUri", "pkixqualified.sourceDataUri",
+        FT_STRING, BASE_NONE, NULL, 0,
+        "BiometricData/sourceDataUri", HFILL }},
+    { &hf_pkixqualified_predefinedBiometricType,
+      { "predefinedBiometricType", "pkixqualified.predefinedBiometricType",
+        FT_INT32, BASE_DEC, VALS(PredefinedBiometricType_vals), 0,
+        "TypeOfBiometricData/predefinedBiometricType", HFILL }},
+    { &hf_pkixqualified_biometricDataOid,
+      { "biometricDataOid", "pkixqualified.biometricDataOid",
+        FT_STRING, BASE_NONE, NULL, 0,
+        "TypeOfBiometricData/biometricDataOid", HFILL }},
+    { &hf_pkixqualified_QCStatements_item,
+      { "Item", "pkixqualified.QCStatements_item",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "QCStatements/_item", HFILL }},
+    { &hf_pkixqualified_statementId,
+      { "statementId", "pkixqualified.statementId",
+        FT_STRING, BASE_NONE, NULL, 0,
+        "QCStatement/statementId", HFILL }},
+    { &hf_pkixqualified_statementInfo,
+      { "statementInfo", "pkixqualified.statementInfo",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "QCStatement/statementInfo", HFILL }},
+    { &hf_pkixqualified_semanticsIdentifier,
+      { "semanticsIdentifier", "pkixqualified.semanticsIdentifier",
+        FT_STRING, BASE_NONE, NULL, 0,
+        "SemanticsInformation/semanticsIdentifier", HFILL }},
+    { &hf_pkixqualified_nameRegistrationAuthorities,
+      { "nameRegistrationAuthorities", "pkixqualified.nameRegistrationAuthorities",
+        FT_UINT32, BASE_DEC, NULL, 0,
+        "SemanticsInformation/nameRegistrationAuthorities", HFILL }},
+    { &hf_pkixqualified_NameRegistrationAuthorities_item,
+      { "Item", "pkixqualified.NameRegistrationAuthorities_item",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "NameRegistrationAuthorities/_item", HFILL }},
+
+/*--- End of included file: packet-pkixqualified-hfarr.c ---*/
+
+  };
+
+  /* List of subtrees */
+  static gint *ett[] = {
+
+/*--- Included file: packet-pkixqualified-ettarr.c ---*/
+
+    &ett_pkixqualified_BiometricSyntax,
+    &ett_pkixqualified_BiometricData,
+    &ett_pkixqualified_TypeOfBiometricData,
+    &ett_pkixqualified_QCStatements,
+    &ett_pkixqualified_QCStatement,
+    &ett_pkixqualified_SemanticsInformation,
+    &ett_pkixqualified_NameRegistrationAuthorities,
+
+/*--- End of included file: packet-pkixqualified-ettarr.c ---*/
+
+  };
+
+  /* Register protocol */
+  proto_pkixqualified = proto_register_protocol(PNAME, PSNAME, PFNAME);
+
+  /* Register fields and subtrees */
+  proto_register_field_array(proto_pkixqualified, hf, array_length(hf));
+  proto_register_subtree_array(ett, array_length(ett));
+
+}
+
+
+/*--- proto_reg_handoff_pkixqualified -------------------------------------------*/
+void proto_reg_handoff_pkixqualified(void) {
+
+/*--- Included file: packet-pkixqualified-dis-tab.c ---*/
+
+ register_ber_oid_dissector("1.3.6.1.5.5.7.1.2", dissect_BiometricSyntax_PDU, proto_pkixqualified, "id-pe-biometricInfo");
+ register_ber_oid_dissector("1.3.6.1.5.5.7.1.3", dissect_QCStatements_PDU, proto_pkixqualified, "id-pe-qcStatements");
+ register_ber_oid_dissector("1.3.6.1.5.5.7.11.1", dissect_SemanticsInformation_PDU, proto_pkixqualified, "id-qcs-pkixQCSyntax-v1");
+ register_ber_oid_dissector("1.3.6.1.5.5.7.11.2", dissect_SemanticsInformation_PDU, proto_pkixqualified, "id-qcs-pkixQCSyntax-v2");
+ register_ber_oid_dissector("1.3.6.1.5.5.7.9.1", dissect_Generalizedtime_PDU, proto_pkixqualified, "id-pda-dateOfBirth");
+ register_ber_oid_dissector("1.3.6.1.5.5.7.9.2", dissect_Directorystring_PDU, proto_pkixqualified, "id-pda-placeOfBirth");
+ register_ber_oid_dissector("1.3.6.1.5.5.7.9.3", dissect_Printablestring_PDU, proto_pkixqualified, "id-pda-gender");
+ register_ber_oid_dissector("1.3.6.1.5.5.7.9.4", dissect_Printablestring_PDU, proto_pkixqualified, "id-pda-countryOfCitizenship");
+ register_ber_oid_dissector("1.3.6.1.5.5.7.9.5", dissect_Printablestring_PDU, proto_pkixqualified, "id-pda-countryOfResidence");
+
+
+/*--- End of included file: packet-pkixqualified-dis-tab.c ---*/
+
+}
+

epan/dissectors/packet-pkixqualified.h

@@ -0,0 +1,38 @@
+/* Do not modify this file.                                                   */
+/* It is created automatically by the ASN.1 to Ethereal dissector compiler    */
+/* ./packet-pkixqualified.h                                                   */
+/* ../../tools/asn2eth.py -X -b -e -p pkixqualified -c pkixqualified.cnf -s packet-pkixqualified-template PKIXqualified.asn */
+
+/* Input file: packet-pkixqualified-template.h */
+
+/* packet-pkixqualified.h
+ * Routines for RFC3739 PKIXqualified packet dissection
+ *
+ * $Id: packet-pkixqualified-template.h 12434 2004-10-29 12:11:42Z sahlberg $
+ *
+ * Ethereal - Network traffic analyzer
+ * By Gerald Combs <gerald@ethereal.com>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#ifndef PACKET_PKIXQUALIFIED_H
+#define PACKET_PKIXQUALIFIED_H
+
+/*#include "packet-pkixqualified-exp.h"*/
+
+#endif  /* PACKET_PKIXQUALIFIED_H */
+