search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
epan/dissectors/pidl/samr/samr.cnf cnf_dissect_lsa_BinaryString => lsarpc_dissect_str...
[wireshark-sm.git] / epan / dissectors / packet-pkcs12.c
blobe9bd7abb1c8cf88561122b12b13a349fd75c1e6d
1 /* Do not modify this file. Changes will be overwritten. */
2 /* Generated automatically by the ASN.1 to Wireshark dissector compiler */
3 /* packet-pkcs12.c */
4 /* asn2wrs.py -b -q -L -p pkcs12 -c ./pkcs12.cnf -s ./packet-pkcs12-template -D . -O ../.. pkcs12.asn */
5
6 /* packet-pkcs12.c
7 * Routines for PKCS#12: Personal Information Exchange packet dissection
8 * Graeme Lunt 2006
9 *
10 * See "PKCS #12 v1.1: Personal Information Exchange Syntax":
11 *
12 * http://www.emc.com/emc-plus/rsa-labs/pkcs/files/h11301-wp-pkcs-12v1-1-personal-information-exchange-syntax.pdf
13 *
14 * Wireshark - Network traffic analyzer
15 * By Gerald Combs <gerald@wireshark.org>
16 * Copyright 1998 Gerald Combs
17 *
18 * SPDX-License-Identifier: GPL-2.0-or-later
19 */
20
21 #include "config.h"
22
23 #include <epan/packet.h>
24 #include <epan/expert.h>
25 #include <epan/oids.h>
26 #include <epan/asn1.h>
27 #include <epan/prefs.h>
28 #include <wsutil/array.h>
29
30 #include "packet-ber.h"
31 #include "packet-pkcs12.h"
32 #include "packet-x509af.h"
33 #include "packet-x509if.h"
34 #include "packet-cms.h"
35
36 #include <wsutil/wsgcrypt.h>
37
38 #define PNAME "PKCS#12: Personal Information Exchange"
39 #define PSNAME "PKCS12"
40 #define PFNAME "pkcs12"
41
42 #define PKCS12_PBE_ARCFOUR_SHA1_OID "1.2.840.113549.1.12.1.1"
43 #define PKCS12_PBE_3DES_SHA1_OID "1.2.840.113549.1.12.1.3"
44 #define PKCS12_PBE_RC2_40_SHA1_OID "1.2.840.113549.1.12.1.6"
45
46 void proto_register_pkcs12(void);
47 void proto_reg_handoff_pkcs12(void);
48
49 /* Initialize the protocol and registered fields */
50 static int proto_pkcs12;
51
52 static int hf_pkcs12_X509Certificate_PDU;
53 static int hf_pkcs12_AuthenticatedSafe_PDU; /* AuthenticatedSafe */
54 static int ett_decrypted_pbe;
55
56 static expert_field ei_pkcs12_octet_string_expected;
57
58
59 static const char *object_identifier_id;
60 static int iteration_count;
61 static tvbuff_t *salt;
62 static const char *password;
63 static bool try_null_password;
64
65 static int dissect_AuthenticatedSafe_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data);
66 static int dissect_SafeContents_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data);
67 static int dissect_PrivateKeyInfo_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data);
68
69 static int hf_pkcs12_PFX_PDU; /* PFX */
70 static int hf_pkcs12_SafeContents_PDU; /* SafeContents */
71 static int hf_pkcs12_KeyBag_PDU; /* KeyBag */
72 static int hf_pkcs12_PKCS8ShroudedKeyBag_PDU; /* PKCS8ShroudedKeyBag */
73 static int hf_pkcs12_CertBag_PDU; /* CertBag */
74 static int hf_pkcs12_CRLBag_PDU; /* CRLBag */
75 static int hf_pkcs12_SecretBag_PDU; /* SecretBag */
76 static int hf_pkcs12_PrivateKeyInfo_PDU; /* PrivateKeyInfo */
77 static int hf_pkcs12_EncryptedPrivateKeyInfo_PDU; /* EncryptedPrivateKeyInfo */
78 static int hf_pkcs12_PBEParameter_PDU; /* PBEParameter */
79 static int hf_pkcs12_PBKDF2Params_PDU; /* PBKDF2Params */
80 static int hf_pkcs12_PBES2Params_PDU; /* PBES2Params */
81 static int hf_pkcs12_PBMAC1Params_PDU; /* PBMAC1Params */
82 static int hf_pkcs12_version; /* T_version */
83 static int hf_pkcs12_authSafe; /* ContentInfo */
84 static int hf_pkcs12_macData; /* MacData */
85 static int hf_pkcs12_mac; /* DigestInfo */
86 static int hf_pkcs12_macSalt; /* OCTET_STRING */
87 static int hf_pkcs12_iterations; /* INTEGER */
88 static int hf_pkcs12_AuthenticatedSafe_item; /* ContentInfo */
89 static int hf_pkcs12_SafeContents_item; /* SafeBag */
90 static int hf_pkcs12_bagId; /* T_bagId */
91 static int hf_pkcs12_bagValue; /* T_bagValue */
92 static int hf_pkcs12_bagAttributes; /* SET_OF_PKCS12Attribute */
93 static int hf_pkcs12_bagAttributes_item; /* PKCS12Attribute */
94 static int hf_pkcs12_certId; /* T_certId */
95 static int hf_pkcs12_certValue; /* T_certValue */
96 static int hf_pkcs12_crlId; /* T_crlId */
97 static int hf_pkcs12_crlValue; /* T_crlValue */
98 static int hf_pkcs12_secretTypeId; /* T_secretTypeId */
99 static int hf_pkcs12_secretValue; /* T_secretValue */
100 static int hf_pkcs12_attrId; /* T_attrId */
101 static int hf_pkcs12_attrValues; /* T_attrValues */
102 static int hf_pkcs12_attrValues_item; /* T_attrValues_item */
103 static int hf_pkcs12_privateKeyVersion; /* Version */
104 static int hf_pkcs12_privateKeyAlgorithm; /* AlgorithmIdentifier */
105 static int hf_pkcs12_privateKey; /* PrivateKey */
106 static int hf_pkcs12_attributes; /* Attributes */
107 static int hf_pkcs12_Attributes_item; /* Attribute */
108 static int hf_pkcs12_encryptionAlgorithm; /* AlgorithmIdentifier */
109 static int hf_pkcs12_encryptedData; /* EncryptedData */
110 static int hf_pkcs12_salt; /* OCTET_STRING */
111 static int hf_pkcs12_iterationCount; /* INTEGER */
112 static int hf_pkcs12_saltChoice; /* T_saltChoice */
113 static int hf_pkcs12_specified; /* OCTET_STRING */
114 static int hf_pkcs12_otherSource; /* AlgorithmIdentifier */
115 static int hf_pkcs12_keyLength; /* INTEGER_1_MAX */
116 static int hf_pkcs12_prf; /* AlgorithmIdentifier */
117 static int hf_pkcs12_keyDerivationFunc; /* AlgorithmIdentifier */
118 static int hf_pkcs12_encryptionScheme; /* AlgorithmIdentifier */
119 static int hf_pkcs12_messageAuthScheme; /* AlgorithmIdentifier */
120
121 /* Initialize the subtree pointers */
122 static int ett_pkcs12_PFX;
123 static int ett_pkcs12_MacData;
124 static int ett_pkcs12_AuthenticatedSafe;
125 static int ett_pkcs12_SafeContents;
126 static int ett_pkcs12_SafeBag;
127 static int ett_pkcs12_SET_OF_PKCS12Attribute;
128 static int ett_pkcs12_CertBag;
129 static int ett_pkcs12_CRLBag;
130 static int ett_pkcs12_SecretBag;
131 static int ett_pkcs12_PKCS12Attribute;
132 static int ett_pkcs12_T_attrValues;
133 static int ett_pkcs12_PrivateKeyInfo;
134 static int ett_pkcs12_Attributes;
135 static int ett_pkcs12_EncryptedPrivateKeyInfo;
136 static int ett_pkcs12_PBEParameter;
137 static int ett_pkcs12_PBKDF2Params;
138 static int ett_pkcs12_T_saltChoice;
139 static int ett_pkcs12_PBES2Params;
140 static int ett_pkcs12_PBMAC1Params;
141
142 static void append_oid(wmem_allocator_t *pool, proto_tree *tree, const char *oid)
143 {
144 const char *name = NULL;
145
146 name = oid_resolved_from_string(pool, oid);
147 proto_item_append_text(tree, " (%s)", name ? name : oid);
148 }
149
150 static int
151 generate_key_or_iv(packet_info *pinfo, unsigned int id, tvbuff_t *salt_tvb, unsigned int iter,
152 const char *pw, unsigned int req_keylen, char * keybuf)
153 {
154 int rc;
155 unsigned int i, j;
156 gcry_md_hd_t md;
157 gcry_mpi_t num_b1 = NULL;
158 size_t pwlen;
159 char hash[20], buf_b[64], buf_i[128], *p;
160 char *salt_p;
161 int salt_size;
162 size_t cur_keylen;
163 size_t n;
164 gcry_error_t err;
165
166 cur_keylen = 0;
167
168 salt_size = tvb_captured_length(salt_tvb);
169 salt_p = (char *)tvb_memdup(pinfo->pool, salt_tvb, 0, salt_size);
170
171 if (pw == NULL)
172 pwlen = 0;
173 else
174 pwlen = strlen(pw);
175
176 if (pwlen > 63 / 2)
177 {
178 return false;
179 }
180
181 /* Store salt and password in BUF_I */
182 p = buf_i;
183 for (i = 0; i < 64; i++)
184 *p++ = salt_p[i % salt_size];
185 if (pw)
186 {
187 for (i = j = 0; i < 64; i += 2)
188 {
189 *p++ = 0;
190 *p++ = pw[j];
191 if (++j > pwlen) /* Note, that we include the trailing zero */
192 j = 0;
193 }
194 }
195 else
196 memset (p, 0, 64);
197
198 for (;;) {
199 err = gcry_md_open(&md, GCRY_MD_SHA1, 0);
200 if (gcry_err_code(err))
201 {
202 return false;
203 }
204 for (i = 0; i < 64; i++)
205 {
206 unsigned char lid = id & 0xFF;
207 gcry_md_write (md, &lid, 1);
208 }
209
210 gcry_md_write(md, buf_i, pw ? 128 : 64);
211
212 gcry_md_final (md);
213 memcpy (hash, gcry_md_read (md, 0), 20);
214
215 gcry_md_close (md);
216
217 for (i = 1; i < iter; i++)
218 gcry_md_hash_buffer (GCRY_MD_SHA1, hash, hash, 20);
219
220 for (i = 0; i < 20 && cur_keylen < req_keylen; i++)
221 keybuf[cur_keylen++] = hash[i];
222
223 if (cur_keylen == req_keylen)
224 {
225 gcry_mpi_release (num_b1);
226 return true; /* ready */
227 }
228
229 /* need more bytes. */
230 for (i = 0; i < 64; i++)
231 buf_b[i] = hash[i % 20];
232
233 n = 64;
234
235 rc = gcry_mpi_scan (&num_b1, GCRYMPI_FMT_USG, buf_b, n, &n);
236
237 if (rc != 0)
238 {
239 return false;
240 }
241
242 gcry_mpi_add_ui (num_b1, num_b1, 1);
243
244 for (i = 0; i < 128; i += 64)
245 {
246 gcry_mpi_t num_ij;
247
248 n = 64;
249 rc = gcry_mpi_scan (&num_ij, GCRYMPI_FMT_USG, buf_i + i, n, &n);
250
251 if (rc != 0)
252 {
253 return false;
254 }
255
256 gcry_mpi_add (num_ij, num_ij, num_b1);
257 gcry_mpi_clear_highbit (num_ij, 64 * 8);
258
259 n = 64;
260
261 rc = gcry_mpi_print (GCRYMPI_FMT_USG, buf_i + i, n, &n, num_ij);
262 if (rc != 0)
263 {
264 return false;
265 }
266
267 gcry_mpi_release (num_ij);
268 }
269 }
270 }
271
272 void PBE_reset_parameters(void)
273 {
274 iteration_count = 0;
275 salt = NULL;
276 }
277
278 int PBE_decrypt_data(const char *object_identifier_id_param _U_, tvbuff_t *encrypted_tvb _U_, packet_info *pinfo _U_, asn1_ctx_t *actx _U_, proto_item *item _U_)
279 {
280 const char *encryption_algorithm;
281 gcry_cipher_hd_t cipher;
282 gcry_error_t err;
283 int algo;
284 int mode;
285 int ivlen = 0;
286 int keylen = 0;
287 int datalen = 0;
288 char *key = NULL;
289 char *iv = NULL;
290 char *clear_data = NULL;
291 tvbuff_t *clear_tvb = NULL;
292 const char *oidname;
293 GString *name;
294 proto_tree *tree;
295 char byte;
296 bool decrypt_ok = true;
297
298 if(((password == NULL) || (*password == '\0')) && (try_null_password == false)) {
299 /* we are not configured to decrypt */
300 return false;
301 }
302
303 encryption_algorithm = x509af_get_last_algorithm_id();
304
305 /* these are the only encryption schemes we understand for now */
306 if(!strcmp(encryption_algorithm, PKCS12_PBE_3DES_SHA1_OID)) {
307 ivlen = 8;
308 keylen = 24;
309 algo = GCRY_CIPHER_3DES;
310 mode = GCRY_CIPHER_MODE_CBC;
311 } else if(!strcmp(encryption_algorithm, PKCS12_PBE_ARCFOUR_SHA1_OID)) {
312 ivlen = 0;
313 keylen = 16;
314 algo = GCRY_CIPHER_ARCFOUR;
315 mode = GCRY_CIPHER_MODE_NONE;
316 } else if(!strcmp(encryption_algorithm, PKCS12_PBE_RC2_40_SHA1_OID)) {
317 ivlen = 8;
318 keylen = 5;
319 algo = GCRY_CIPHER_RFC2268_40;
320 mode = GCRY_CIPHER_MODE_CBC;
321 } else {
322 /* we don't know how to decrypt this */
323
324 proto_item_append_text(item, " [Unsupported encryption algorithm]");
325 return false;
326 }
327
328 if((iteration_count == 0) || (salt == NULL)) {
329 proto_item_append_text(item, " [Insufficient parameters]");
330 return false;
331 }
332
333 /* allocate buffers */
334 key = (char *)wmem_alloc(pinfo->pool, keylen);
335
336 if(!generate_key_or_iv(pinfo, 1 /*LEY */, salt, iteration_count, password, keylen, key))
337 return false;
338
339 if(ivlen) {
340
341 iv = (char *)wmem_alloc(pinfo->pool, ivlen);
342
343 if(!generate_key_or_iv(pinfo, 2 /* IV */, salt, iteration_count, password, ivlen, iv))
344 return false;
345 }
346
347 /* now try an internal function */
348 err = gcry_cipher_open(&cipher, algo, mode, 0);
349 if (gcry_err_code (err))
350 return false;
351
352 err = gcry_cipher_setkey (cipher, key, keylen);
353 if (gcry_err_code (err)) {
354 gcry_cipher_close (cipher);
355 return false;
356 }
357
358 if(ivlen) {
359 err = gcry_cipher_setiv (cipher, iv, ivlen);
360 if (gcry_err_code (err)) {
361 gcry_cipher_close (cipher);
362 return false;
363 }
364 }
365
366 datalen = tvb_captured_length(encrypted_tvb);
367 clear_data = (char *)wmem_alloc(pinfo->pool, datalen);
368
369 err = gcry_cipher_decrypt (cipher, clear_data, datalen, (char *)tvb_memdup(pinfo->pool, encrypted_tvb, 0, datalen), datalen);
370 if (gcry_err_code (err)) {
371
372 proto_item_append_text(item, " [Failed to decrypt with password preference]");
373
374 gcry_cipher_close (cipher);
375 return false;
376 }
377
378 gcry_cipher_close (cipher);
379
380 /* We don't know if we have successfully decrypted the data or not so we:
381 a) check the trailing bytes
382 b) see if we start with a sequence or a set (is this too constraining?
383 */
384
385 /* first the trailing bytes */
386 byte = clear_data[datalen-1];
387 if(byte <= 0x08) {
388 int i;
389
390 for(i = (int)byte; i > 0 ; i--) {
391 if(clear_data[datalen - i] != byte) {
392 decrypt_ok = false;
393 break;
394 }
395 }
396 } else {
397 /* XXX: is this a failure? */
398 }
399
400 /* we assume the result is ASN.1 - check it is a SET or SEQUENCE */
401 byte = clear_data[0];
402 if((byte != 0x30) && (byte != 0x31)) { /* do we need more here? OCTET STRING? */
403 decrypt_ok = false;
404 }
405
406 if(!decrypt_ok) {
407 proto_item_append_text(item, " [Failed to decrypt with supplied password]");
408
409 return false;
410 }
411
412 proto_item_append_text(item, " [Decrypted successfully]");
413
414 tree = proto_item_add_subtree(item, ett_decrypted_pbe);
415
416 /* OK - so now clear_data contains the decrypted data */
417
418 clear_tvb = tvb_new_child_real_data(encrypted_tvb,(const uint8_t *)clear_data, datalen, datalen);
419
420 name = g_string_new("");
421 oidname = oid_resolved_from_string(pinfo->pool, object_identifier_id_param);
422 g_string_printf(name, "Decrypted %s", oidname ? oidname : object_identifier_id_param);
423
424 /* add it as a new source */
425 add_new_data_source(actx->pinfo, clear_tvb, name->str);
426
427 g_string_free(name, TRUE);
428
429 /* now try and decode it */
430 call_ber_oid_callback(object_identifier_id_param, clear_tvb, 0, actx->pinfo, tree, NULL);
431
432 return true;
433 }
434
435
436 static const value_string pkcs12_T_version_vals[] = {
437 { 3, "v3" },
438 { 0, NULL }
439 };
440
441
442 static int
443 dissect_pkcs12_T_version(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
444 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
445 NULL);
446
447 return offset;
448 }
449
450
451
452 static int
453 dissect_pkcs12_OCTET_STRING(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
454 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
455 (hf_index == hf_pkcs12_salt ? &salt : NULL));
456
457 return offset;
458 }
459
460
461
462 static int
463 dissect_pkcs12_INTEGER(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
464 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
465 (hf_index == hf_pkcs12_iterationCount ? &iteration_count : NULL));
466
467 return offset;
468 }
469
470
471 static const ber_sequence_t MacData_sequence[] = {
472 { &hf_pkcs12_mac , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_cms_DigestInfo },
473 { &hf_pkcs12_macSalt , BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_pkcs12_OCTET_STRING },
474 { &hf_pkcs12_iterations , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_pkcs12_INTEGER },
475 { NULL, 0, 0, 0, NULL }
476 };
477
478 static int
479 dissect_pkcs12_MacData(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
480 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
481 MacData_sequence, hf_index, ett_pkcs12_MacData);
482
483 return offset;
484 }
485
486
487 static const ber_sequence_t PFX_sequence[] = {
488 { &hf_pkcs12_version , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_pkcs12_T_version },
489 { &hf_pkcs12_authSafe , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_cms_ContentInfo },
490 { &hf_pkcs12_macData , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_pkcs12_MacData },
491 { NULL, 0, 0, 0, NULL }
492 };
493
494 static int
495 dissect_pkcs12_PFX(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
496 dissector_handle_t dissector_handle;
497
498 /* we change the CMS id-data dissector to dissect as AuthenticatedSafe
499 not sure why PKCS#12 couldn't have used its own content type OID for AuthenticatedSafe */
500 dissector_handle=create_dissector_handle(dissect_AuthenticatedSafe_OCTETSTRING_PDU, proto_pkcs12);
501 dissector_change_string("ber.oid", "1.2.840.113549.1.7.1", dissector_handle);
502
503 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
504 PFX_sequence, hf_index, ett_pkcs12_PFX);
505
506
507 /* restore the original dissector */
508 dissector_reset_string("ber.oid", "1.2.840.113549.1.7.1");
509
510
511 return offset;
512 }
513
514
515 static const ber_sequence_t AuthenticatedSafe_sequence_of[1] = {
516 { &hf_pkcs12_AuthenticatedSafe_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_cms_ContentInfo },
517 };
518
519 static int
520 dissect_pkcs12_AuthenticatedSafe(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
521 dissector_handle_t dissector_handle;
522
523 /* we change the CMS id-data dissector to dissect as SafeContents */
524 dissector_handle=create_dissector_handle(dissect_SafeContents_OCTETSTRING_PDU, proto_pkcs12);
525 dissector_change_string("ber.oid", "1.2.840.113549.1.7.1", dissector_handle);
526
527 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
528 AuthenticatedSafe_sequence_of, hf_index, ett_pkcs12_AuthenticatedSafe);
529
530
531 /* restore the original dissector */
532 dissector_reset_string("ber.oid", "1.2.840.113549.1.7.1");
533
534
535 return offset;
536 }
537
538
539
540 static int
541 dissect_pkcs12_T_bagId(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
542 offset = dissect_ber_object_identifier_str(implicit_tag, actx, tree, tvb, offset, hf_index, &object_identifier_id);
543
544 append_oid(actx->pinfo->pool, tree, object_identifier_id);
545 return offset;
546 }
547
548
549
550 static int
551 dissect_pkcs12_T_bagValue(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
552 if(object_identifier_id)
553 offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL);
554
555
556 return offset;
557 }
558
559
560
561 static int
562 dissect_pkcs12_T_attrId(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
563 offset = dissect_ber_object_identifier_str(implicit_tag, actx, tree, tvb, offset, hf_index, &object_identifier_id);
564
565 append_oid(actx->pinfo->pool, tree, object_identifier_id);
566 return offset;
567 }
568
569
570
571 static int
572 dissect_pkcs12_T_attrValues_item(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
573 if(object_identifier_id)
574 offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL);
575
576
577 return offset;
578 }
579
580
581 static const ber_sequence_t T_attrValues_set_of[1] = {
582 { &hf_pkcs12_attrValues_item, BER_CLASS_ANY, 0, BER_FLAGS_NOOWNTAG, dissect_pkcs12_T_attrValues_item },
583 };
584
585 static int
586 dissect_pkcs12_T_attrValues(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
587 offset = dissect_ber_set_of(implicit_tag, actx, tree, tvb, offset,
588 T_attrValues_set_of, hf_index, ett_pkcs12_T_attrValues);
589
590 return offset;
591 }
592
593
594 static const ber_sequence_t PKCS12Attribute_sequence[] = {
595 { &hf_pkcs12_attrId , BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_pkcs12_T_attrId },
596 { &hf_pkcs12_attrValues , BER_CLASS_UNI, BER_UNI_TAG_SET, BER_FLAGS_NOOWNTAG, dissect_pkcs12_T_attrValues },
597 { NULL, 0, 0, 0, NULL }
598 };
599
600 static int
601 dissect_pkcs12_PKCS12Attribute(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
602 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
603 PKCS12Attribute_sequence, hf_index, ett_pkcs12_PKCS12Attribute);
604
605 return offset;
606 }
607
608
609 static const ber_sequence_t SET_OF_PKCS12Attribute_set_of[1] = {
610 { &hf_pkcs12_bagAttributes_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_pkcs12_PKCS12Attribute },
611 };
612
613 static int
614 dissect_pkcs12_SET_OF_PKCS12Attribute(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
615 offset = dissect_ber_set_of(implicit_tag, actx, tree, tvb, offset,
616 SET_OF_PKCS12Attribute_set_of, hf_index, ett_pkcs12_SET_OF_PKCS12Attribute);
617
618 return offset;
619 }
620
621
622 static const ber_sequence_t SafeBag_sequence[] = {
623 { &hf_pkcs12_bagId , BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_pkcs12_T_bagId },
624 { &hf_pkcs12_bagValue , BER_CLASS_CON, 0, 0, dissect_pkcs12_T_bagValue },
625 { &hf_pkcs12_bagAttributes, BER_CLASS_UNI, BER_UNI_TAG_SET, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_pkcs12_SET_OF_PKCS12Attribute },
626 { NULL, 0, 0, 0, NULL }
627 };
628
629 static int
630 dissect_pkcs12_SafeBag(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
631 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
632 SafeBag_sequence, hf_index, ett_pkcs12_SafeBag);
633
634 return offset;
635 }
636
637
638 static const ber_sequence_t SafeContents_sequence_of[1] = {
639 { &hf_pkcs12_SafeContents_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_pkcs12_SafeBag },
640 };
641
642 static int
643 dissect_pkcs12_SafeContents(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
644 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
645 SafeContents_sequence_of, hf_index, ett_pkcs12_SafeContents);
646
647 return offset;
648 }
649
650
651 static const value_string pkcs12_Version_vals[] = {
652 { 0, "v1" },
653 { 0, NULL }
654 };
655
656
657 static int
658 dissect_pkcs12_Version(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
659 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
660 NULL);
661
662 return offset;
663 }
664
665
666
667 static int
668 dissect_pkcs12_PrivateKey(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
669 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
670 NULL);
671
672 return offset;
673 }
674
675
676 static const ber_sequence_t Attributes_set_of[1] = {
677 { &hf_pkcs12_Attributes_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509if_Attribute },
678 };
679
680 static int
681 dissect_pkcs12_Attributes(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
682 offset = dissect_ber_set_of(implicit_tag, actx, tree, tvb, offset,
683 Attributes_set_of, hf_index, ett_pkcs12_Attributes);
684
685 return offset;
686 }
687
688
689 static const ber_sequence_t PrivateKeyInfo_sequence[] = {
690 { &hf_pkcs12_privateKeyVersion, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_pkcs12_Version },
691 { &hf_pkcs12_privateKeyAlgorithm, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
692 { &hf_pkcs12_privateKey , BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_pkcs12_PrivateKey },
693 { &hf_pkcs12_attributes , BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL|BER_FLAGS_IMPLTAG, dissect_pkcs12_Attributes },
694 { NULL, 0, 0, 0, NULL }
695 };
696
697 static int
698 dissect_pkcs12_PrivateKeyInfo(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
699 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
700 PrivateKeyInfo_sequence, hf_index, ett_pkcs12_PrivateKeyInfo);
701
702 return offset;
703 }
704
705
706
707 static int
708 dissect_pkcs12_KeyBag(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
709 offset = dissect_pkcs12_PrivateKeyInfo(implicit_tag, tvb, offset, actx, tree, hf_index);
710
711 return offset;
712 }
713
714
715
716 static int
717 dissect_pkcs12_EncryptedData(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
718 tvbuff_t *encrypted_tvb;
719 dissector_handle_t dissector_handle;
720
721 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
722 &encrypted_tvb);
723
724
725
726
727 dissector_handle=create_dissector_handle(dissect_PrivateKeyInfo_PDU, proto_pkcs12);
728 dissector_change_string("ber.oid", object_identifier_id, dissector_handle);
729
730 PBE_decrypt_data(object_identifier_id, encrypted_tvb, actx->pinfo, actx, actx->created_item);
731
732 /* restore the original dissector */
733 dissector_reset_string("ber.oid", object_identifier_id);
734
735 return offset;
736 }
737
738
739 static const ber_sequence_t EncryptedPrivateKeyInfo_sequence[] = {
740 { &hf_pkcs12_encryptionAlgorithm, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
741 { &hf_pkcs12_encryptedData, BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_pkcs12_EncryptedData },
742 { NULL, 0, 0, 0, NULL }
743 };
744
745 static int
746 dissect_pkcs12_EncryptedPrivateKeyInfo(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
747 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
748 EncryptedPrivateKeyInfo_sequence, hf_index, ett_pkcs12_EncryptedPrivateKeyInfo);
749
750 return offset;
751 }
752
753
754
755 static int
756 dissect_pkcs12_PKCS8ShroudedKeyBag(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
757 offset = dissect_pkcs12_EncryptedPrivateKeyInfo(implicit_tag, tvb, offset, actx, tree, hf_index);
758
759 return offset;
760 }
761
762
763
764 static int
765 dissect_pkcs12_T_certId(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
766 offset = dissect_ber_object_identifier_str(implicit_tag, actx, tree, tvb, offset, hf_index, &object_identifier_id);
767
768 append_oid(actx->pinfo->pool, tree, object_identifier_id);
769 return offset;
770 }
771
772
773
774 static int
775 dissect_pkcs12_T_certValue(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
776 if(object_identifier_id)
777 offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL);
778
779
780 return offset;
781 }
782
783
784 static const ber_sequence_t CertBag_sequence[] = {
785 { &hf_pkcs12_certId , BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_pkcs12_T_certId },
786 { &hf_pkcs12_certValue , BER_CLASS_CON, 0, 0, dissect_pkcs12_T_certValue },
787 { NULL, 0, 0, 0, NULL }
788 };
789
790 static int
791 dissect_pkcs12_CertBag(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
792 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
793 CertBag_sequence, hf_index, ett_pkcs12_CertBag);
794
795 return offset;
796 }
797
798
799
800 static int
801 dissect_pkcs12_T_crlId(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
802 offset = dissect_ber_object_identifier_str(implicit_tag, actx, tree, tvb, offset, hf_index, &object_identifier_id);
803
804 append_oid(actx->pinfo->pool, tree, object_identifier_id);
805 return offset;
806 }
807
808
809
810 static int
811 dissect_pkcs12_T_crlValue(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
812 if(object_identifier_id)
813 offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL);
814
815
816 return offset;
817 }
818
819
820 static const ber_sequence_t CRLBag_sequence[] = {
821 { &hf_pkcs12_crlId , BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_pkcs12_T_crlId },
822 { &hf_pkcs12_crlValue , BER_CLASS_CON, 0, 0, dissect_pkcs12_T_crlValue },
823 { NULL, 0, 0, 0, NULL }
824 };
825
826 static int
827 dissect_pkcs12_CRLBag(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
828 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
829 CRLBag_sequence, hf_index, ett_pkcs12_CRLBag);
830
831 return offset;
832 }
833
834
835
836 static int
837 dissect_pkcs12_T_secretTypeId(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
838 offset = dissect_ber_object_identifier_str(implicit_tag, actx, tree, tvb, offset, hf_index, &object_identifier_id);
839
840 append_oid(actx->pinfo->pool, tree, object_identifier_id);
841 return offset;
842 }
843
844
845
846 static int
847 dissect_pkcs12_T_secretValue(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
848 if(object_identifier_id)
849 offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL);
850
851
852 return offset;
853 }
854
855
856 static const ber_sequence_t SecretBag_sequence[] = {
857 { &hf_pkcs12_secretTypeId , BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_pkcs12_T_secretTypeId },
858 { &hf_pkcs12_secretValue , BER_CLASS_CON, 0, 0, dissect_pkcs12_T_secretValue },
859 { NULL, 0, 0, 0, NULL }
860 };
861
862 static int
863 dissect_pkcs12_SecretBag(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
864 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
865 SecretBag_sequence, hf_index, ett_pkcs12_SecretBag);
866
867 return offset;
868 }
869
870
871 static const ber_sequence_t PBEParameter_sequence[] = {
872 { &hf_pkcs12_salt , BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_pkcs12_OCTET_STRING },
873 { &hf_pkcs12_iterationCount, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_pkcs12_INTEGER },
874 { NULL, 0, 0, 0, NULL }
875 };
876
877 static int
878 dissect_pkcs12_PBEParameter(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
879 /* initialise the encryption parameters */
880 PBE_reset_parameters();
881
882 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
883 PBEParameter_sequence, hf_index, ett_pkcs12_PBEParameter);
884
885 return offset;
886 }
887
888
889 static const value_string pkcs12_T_saltChoice_vals[] = {
890 { 0, "specified" },
891 { 1, "otherSource" },
892 { 0, NULL }
893 };
894
895 static const ber_choice_t T_saltChoice_choice[] = {
896 { 0, &hf_pkcs12_specified , BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_pkcs12_OCTET_STRING },
897 { 1, &hf_pkcs12_otherSource , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
898 { 0, NULL, 0, 0, 0, NULL }
899 };
900
901 static int
902 dissect_pkcs12_T_saltChoice(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
903 offset = dissect_ber_choice(actx, tree, tvb, offset,
904 T_saltChoice_choice, hf_index, ett_pkcs12_T_saltChoice,
905 NULL);
906
907 return offset;
908 }
909
910
911
912 static int
913 dissect_pkcs12_INTEGER_1_MAX(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
914 offset = dissect_ber_integer64(implicit_tag, actx, tree, tvb, offset, hf_index,
915 NULL);
916
917 return offset;
918 }
919
920
921 static const ber_sequence_t PBKDF2Params_sequence[] = {
922 { &hf_pkcs12_saltChoice , BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_pkcs12_T_saltChoice },
923 { &hf_pkcs12_iterationCount, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_pkcs12_INTEGER },
924 { &hf_pkcs12_keyLength , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_pkcs12_INTEGER_1_MAX },
925 { &hf_pkcs12_prf , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
926 { NULL, 0, 0, 0, NULL }
927 };
928
929 static int
930 dissect_pkcs12_PBKDF2Params(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
931 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
932 PBKDF2Params_sequence, hf_index, ett_pkcs12_PBKDF2Params);
933
934 return offset;
935 }
936
937
938 static const ber_sequence_t PBES2Params_sequence[] = {
939 { &hf_pkcs12_keyDerivationFunc, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
940 { &hf_pkcs12_encryptionScheme, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
941 { NULL, 0, 0, 0, NULL }
942 };
943
944 static int
945 dissect_pkcs12_PBES2Params(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
946 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
947 PBES2Params_sequence, hf_index, ett_pkcs12_PBES2Params);
948
949 return offset;
950 }
951
952
953 static const ber_sequence_t PBMAC1Params_sequence[] = {
954 { &hf_pkcs12_keyDerivationFunc, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
955 { &hf_pkcs12_messageAuthScheme, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
956 { NULL, 0, 0, 0, NULL }
957 };
958
959 static int
960 dissect_pkcs12_PBMAC1Params(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
961 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
962 PBMAC1Params_sequence, hf_index, ett_pkcs12_PBMAC1Params);
963
964 return offset;
965 }
966
967 /*--- PDUs ---*/
968
969 static int dissect_PFX_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
970 int offset = 0;
971 asn1_ctx_t asn1_ctx;
972 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
973 offset = dissect_pkcs12_PFX(false, tvb, offset, &asn1_ctx, tree, hf_pkcs12_PFX_PDU);
974 return offset;
975 }
976 static int dissect_SafeContents_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
977 int offset = 0;
978 asn1_ctx_t asn1_ctx;
979 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
980 offset = dissect_pkcs12_SafeContents(false, tvb, offset, &asn1_ctx, tree, hf_pkcs12_SafeContents_PDU);
981 return offset;
982 }
983 static int dissect_KeyBag_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
984 int offset = 0;
985 asn1_ctx_t asn1_ctx;
986 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
987 offset = dissect_pkcs12_KeyBag(false, tvb, offset, &asn1_ctx, tree, hf_pkcs12_KeyBag_PDU);
988 return offset;
989 }
990 static int dissect_PKCS8ShroudedKeyBag_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
991 int offset = 0;
992 asn1_ctx_t asn1_ctx;
993 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
994 offset = dissect_pkcs12_PKCS8ShroudedKeyBag(false, tvb, offset, &asn1_ctx, tree, hf_pkcs12_PKCS8ShroudedKeyBag_PDU);
995 return offset;
996 }
997 static int dissect_CertBag_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
998 int offset = 0;
999 asn1_ctx_t asn1_ctx;
1000 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
1001 offset = dissect_pkcs12_CertBag(false, tvb, offset, &asn1_ctx, tree, hf_pkcs12_CertBag_PDU);
1002 return offset;
1003 }
1004 static int dissect_CRLBag_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
1005 int offset = 0;
1006 asn1_ctx_t asn1_ctx;
1007 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
1008 offset = dissect_pkcs12_CRLBag(false, tvb, offset, &asn1_ctx, tree, hf_pkcs12_CRLBag_PDU);
1009 return offset;
1010 }
1011 static int dissect_SecretBag_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
1012 int offset = 0;
1013 asn1_ctx_t asn1_ctx;
1014 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
1015 offset = dissect_pkcs12_SecretBag(false, tvb, offset, &asn1_ctx, tree, hf_pkcs12_SecretBag_PDU);
1016 return offset;
1017 }
1018 static int dissect_PrivateKeyInfo_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
1019 int offset = 0;
1020 asn1_ctx_t asn1_ctx;
1021 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
1022 offset = dissect_pkcs12_PrivateKeyInfo(false, tvb, offset, &asn1_ctx, tree, hf_pkcs12_PrivateKeyInfo_PDU);
1023 return offset;
1024 }
1025 static int dissect_EncryptedPrivateKeyInfo_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
1026 int offset = 0;
1027 asn1_ctx_t asn1_ctx;
1028 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
1029 offset = dissect_pkcs12_EncryptedPrivateKeyInfo(false, tvb, offset, &asn1_ctx, tree, hf_pkcs12_EncryptedPrivateKeyInfo_PDU);
1030 return offset;
1031 }
1032 static int dissect_PBEParameter_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
1033 int offset = 0;
1034 asn1_ctx_t asn1_ctx;
1035 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
1036 offset = dissect_pkcs12_PBEParameter(false, tvb, offset, &asn1_ctx, tree, hf_pkcs12_PBEParameter_PDU);
1037 return offset;
1038 }
1039 static int dissect_PBKDF2Params_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
1040 int offset = 0;
1041 asn1_ctx_t asn1_ctx;
1042 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
1043 offset = dissect_pkcs12_PBKDF2Params(false, tvb, offset, &asn1_ctx, tree, hf_pkcs12_PBKDF2Params_PDU);
1044 return offset;
1045 }
1046 static int dissect_PBES2Params_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
1047 int offset = 0;
1048 asn1_ctx_t asn1_ctx;
1049 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
1050 offset = dissect_pkcs12_PBES2Params(false, tvb, offset, &asn1_ctx, tree, hf_pkcs12_PBES2Params_PDU);
1051 return offset;
1052 }
1053 static int dissect_PBMAC1Params_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
1054 int offset = 0;
1055 asn1_ctx_t asn1_ctx;
1056 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
1057 offset = dissect_pkcs12_PBMAC1Params(false, tvb, offset, &asn1_ctx, tree, hf_pkcs12_PBMAC1Params_PDU);
1058 return offset;
1059 }
1060
1061
1062 static int strip_octet_string(tvbuff_t *tvb)
1063 {
1064 int8_t ber_class;
1065 bool pc, ind;
1066 int32_t tag;
1067 uint32_t len;
1068 int offset = 0;
1069
1070 /* PKCS#7 encodes the content as OCTET STRING, whereas CMS is just any ANY */
1071 /* if we use CMS (rather than PKCS#7) - which we are - we need to strip the OCTET STRING tag */
1072 /* before proceeding */
1073
1074 offset = get_ber_identifier(tvb, 0, &ber_class, &pc, &tag);
1075 offset = get_ber_length(tvb, offset, &len, &ind);
1076
1077 if((ber_class == BER_CLASS_UNI) && (tag == BER_UNI_TAG_OCTETSTRING))
1078 return offset;
1079
1080 return 0;
1081
1082 }
1083
1084 static int dissect_AuthenticatedSafe_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) {
1085 int offset = 0;
1086 asn1_ctx_t asn1_ctx;
1087 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
1088
1089 if((offset = strip_octet_string(tvb)) > 0)
1090 dissect_pkcs12_AuthenticatedSafe(false, tvb, offset, &asn1_ctx, tree, hf_pkcs12_AuthenticatedSafe_PDU);
1091 else
1092 proto_tree_add_expert(tree, pinfo, &ei_pkcs12_octet_string_expected, tvb, 0, 1);
1093 return tvb_captured_length(tvb);
1094 }
1095
1096 static int dissect_SafeContents_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
1097 {
1098 int offset = 0;
1099 asn1_ctx_t asn1_ctx;
1100 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
1101
1102 offset = strip_octet_string(tvb);
1103
1104 dissect_pkcs12_SafeContents(false, tvb, offset, &asn1_ctx, tree, hf_pkcs12_SafeContents_PDU);
1105 return tvb_captured_length(tvb);
1106 }
1107
1108 static int dissect_X509Certificate_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
1109 {
1110 int offset = 0;
1111 asn1_ctx_t asn1_ctx;
1112 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
1113
1114 if((offset = strip_octet_string(tvb)) > 0)
1115 dissect_x509af_Certificate(false, tvb, offset, &asn1_ctx, tree, hf_pkcs12_X509Certificate_PDU);
1116 else
1117 proto_tree_add_expert(tree, pinfo, &ei_pkcs12_octet_string_expected, tvb, 0, 1);
1118
1119 return tvb_captured_length(tvb);
1120 }
1121
1122 /*--- proto_register_pkcs12 ----------------------------------------------*/
1123 void proto_register_pkcs12(void) {
1124
1125 /* List of fields */
1126 static hf_register_info hf[] = {
1127 { &hf_pkcs12_X509Certificate_PDU,
1128 { "X509Certificate", "pkcs12.X509Certificate",
1129 FT_NONE, BASE_NONE, NULL, 0,
1130 "pkcs12.X509Certificate", HFILL }},
1131 { &hf_pkcs12_AuthenticatedSafe_PDU,
1132 { "AuthenticatedSafe", "pkcs12.AuthenticatedSafe",
1133 FT_UINT32, BASE_DEC, NULL, 0,
1134 NULL, HFILL }},
1135
1136 { &hf_pkcs12_PFX_PDU,
1137 { "PFX", "pkcs12.PFX_element",
1138 FT_NONE, BASE_NONE, NULL, 0,
1139 NULL, HFILL }},
1140 { &hf_pkcs12_SafeContents_PDU,
1141 { "SafeContents", "pkcs12.SafeContents",
1142 FT_UINT32, BASE_DEC, NULL, 0,
1143 NULL, HFILL }},
1144 { &hf_pkcs12_KeyBag_PDU,
1145 { "KeyBag", "pkcs12.KeyBag_element",
1146 FT_NONE, BASE_NONE, NULL, 0,
1147 NULL, HFILL }},
1148 { &hf_pkcs12_PKCS8ShroudedKeyBag_PDU,
1149 { "PKCS8ShroudedKeyBag", "pkcs12.PKCS8ShroudedKeyBag_element",
1150 FT_NONE, BASE_NONE, NULL, 0,
1151 NULL, HFILL }},
1152 { &hf_pkcs12_CertBag_PDU,
1153 { "CertBag", "pkcs12.CertBag_element",
1154 FT_NONE, BASE_NONE, NULL, 0,
1155 NULL, HFILL }},
1156 { &hf_pkcs12_CRLBag_PDU,
1157 { "CRLBag", "pkcs12.CRLBag_element",
1158 FT_NONE, BASE_NONE, NULL, 0,
1159 NULL, HFILL }},
1160 { &hf_pkcs12_SecretBag_PDU,
1161 { "SecretBag", "pkcs12.SecretBag_element",
1162 FT_NONE, BASE_NONE, NULL, 0,
1163 NULL, HFILL }},
1164 { &hf_pkcs12_PrivateKeyInfo_PDU,
1165 { "PrivateKeyInfo", "pkcs12.PrivateKeyInfo_element",
1166 FT_NONE, BASE_NONE, NULL, 0,
1167 NULL, HFILL }},
1168 { &hf_pkcs12_EncryptedPrivateKeyInfo_PDU,
1169 { "EncryptedPrivateKeyInfo", "pkcs12.EncryptedPrivateKeyInfo_element",
1170 FT_NONE, BASE_NONE, NULL, 0,
1171 NULL, HFILL }},
1172 { &hf_pkcs12_PBEParameter_PDU,
1173 { "PBEParameter", "pkcs12.PBEParameter_element",
1174 FT_NONE, BASE_NONE, NULL, 0,
1175 NULL, HFILL }},
1176 { &hf_pkcs12_PBKDF2Params_PDU,
1177 { "PBKDF2Params", "pkcs12.PBKDF2Params_element",
1178 FT_NONE, BASE_NONE, NULL, 0,
1179 NULL, HFILL }},
1180 { &hf_pkcs12_PBES2Params_PDU,
1181 { "PBES2Params", "pkcs12.PBES2Params_element",
1182 FT_NONE, BASE_NONE, NULL, 0,
1183 NULL, HFILL }},
1184 { &hf_pkcs12_PBMAC1Params_PDU,
1185 { "PBMAC1Params", "pkcs12.PBMAC1Params_element",
1186 FT_NONE, BASE_NONE, NULL, 0,
1187 NULL, HFILL }},
1188 { &hf_pkcs12_version,
1189 { "version", "pkcs12.version",
1190 FT_UINT32, BASE_DEC, VALS(pkcs12_T_version_vals), 0,
1191 NULL, HFILL }},
1192 { &hf_pkcs12_authSafe,
1193 { "authSafe", "pkcs12.authSafe_element",
1194 FT_NONE, BASE_NONE, NULL, 0,
1195 "ContentInfo", HFILL }},
1196 { &hf_pkcs12_macData,
1197 { "macData", "pkcs12.macData_element",
1198 FT_NONE, BASE_NONE, NULL, 0,
1199 NULL, HFILL }},
1200 { &hf_pkcs12_mac,
1201 { "mac", "pkcs12.mac_element",
1202 FT_NONE, BASE_NONE, NULL, 0,
1203 "DigestInfo", HFILL }},
1204 { &hf_pkcs12_macSalt,
1205 { "macSalt", "pkcs12.macSalt",
1206 FT_BYTES, BASE_NONE, NULL, 0,
1207 "OCTET_STRING", HFILL }},
1208 { &hf_pkcs12_iterations,
1209 { "iterations", "pkcs12.iterations",
1210 FT_INT32, BASE_DEC, NULL, 0,
1211 "INTEGER", HFILL }},
1212 { &hf_pkcs12_AuthenticatedSafe_item,
1213 { "ContentInfo", "pkcs12.ContentInfo_element",
1214 FT_NONE, BASE_NONE, NULL, 0,
1215 NULL, HFILL }},
1216 { &hf_pkcs12_SafeContents_item,
1217 { "SafeBag", "pkcs12.SafeBag_element",
1218 FT_NONE, BASE_NONE, NULL, 0,
1219 NULL, HFILL }},
1220 { &hf_pkcs12_bagId,
1221 { "bagId", "pkcs12.bagId",
1222 FT_OID, BASE_NONE, NULL, 0,
1223 NULL, HFILL }},
1224 { &hf_pkcs12_bagValue,
1225 { "bagValue", "pkcs12.bagValue_element",
1226 FT_NONE, BASE_NONE, NULL, 0,
1227 NULL, HFILL }},
1228 { &hf_pkcs12_bagAttributes,
1229 { "bagAttributes", "pkcs12.bagAttributes",
1230 FT_UINT32, BASE_DEC, NULL, 0,
1231 "SET_OF_PKCS12Attribute", HFILL }},
1232 { &hf_pkcs12_bagAttributes_item,
1233 { "PKCS12Attribute", "pkcs12.PKCS12Attribute_element",
1234 FT_NONE, BASE_NONE, NULL, 0,
1235 NULL, HFILL }},
1236 { &hf_pkcs12_certId,
1237 { "certId", "pkcs12.certId",
1238 FT_OID, BASE_NONE, NULL, 0,
1239 NULL, HFILL }},
1240 { &hf_pkcs12_certValue,
1241 { "certValue", "pkcs12.certValue_element",
1242 FT_NONE, BASE_NONE, NULL, 0,
1243 NULL, HFILL }},
1244 { &hf_pkcs12_crlId,
1245 { "crlId", "pkcs12.crlId",
1246 FT_OID, BASE_NONE, NULL, 0,
1247 NULL, HFILL }},
1248 { &hf_pkcs12_crlValue,
1249 { "crlValue", "pkcs12.crlValue_element",
1250 FT_NONE, BASE_NONE, NULL, 0,
1251 NULL, HFILL }},
1252 { &hf_pkcs12_secretTypeId,
1253 { "secretTypeId", "pkcs12.secretTypeId",
1254 FT_OID, BASE_NONE, NULL, 0,
1255 NULL, HFILL }},
1256 { &hf_pkcs12_secretValue,
1257 { "secretValue", "pkcs12.secretValue_element",
1258 FT_NONE, BASE_NONE, NULL, 0,
1259 NULL, HFILL }},
1260 { &hf_pkcs12_attrId,
1261 { "attrId", "pkcs12.attrId",
1262 FT_OID, BASE_NONE, NULL, 0,
1263 NULL, HFILL }},
1264 { &hf_pkcs12_attrValues,
1265 { "attrValues", "pkcs12.attrValues",
1266 FT_UINT32, BASE_DEC, NULL, 0,
1267 NULL, HFILL }},
1268 { &hf_pkcs12_attrValues_item,
1269 { "attrValues item", "pkcs12.attrValues_item_element",
1270 FT_NONE, BASE_NONE, NULL, 0,
1271 NULL, HFILL }},
1272 { &hf_pkcs12_privateKeyVersion,
1273 { "version", "pkcs12.version",
1274 FT_UINT32, BASE_DEC, VALS(pkcs12_Version_vals), 0,
1275 NULL, HFILL }},
1276 { &hf_pkcs12_privateKeyAlgorithm,
1277 { "privateKeyAlgorithm", "pkcs12.privateKeyAlgorithm_element",
1278 FT_NONE, BASE_NONE, NULL, 0,
1279 "AlgorithmIdentifier", HFILL }},
1280 { &hf_pkcs12_privateKey,
1281 { "privateKey", "pkcs12.privateKey",
1282 FT_BYTES, BASE_NONE, NULL, 0,
1283 NULL, HFILL }},
1284 { &hf_pkcs12_attributes,
1285 { "attributes", "pkcs12.attributes",
1286 FT_UINT32, BASE_DEC, NULL, 0,
1287 NULL, HFILL }},
1288 { &hf_pkcs12_Attributes_item,
1289 { "Attribute", "pkcs12.Attribute_element",
1290 FT_NONE, BASE_NONE, NULL, 0,
1291 NULL, HFILL }},
1292 { &hf_pkcs12_encryptionAlgorithm,
1293 { "encryptionAlgorithm", "pkcs12.encryptionAlgorithm_element",
1294 FT_NONE, BASE_NONE, NULL, 0,
1295 "AlgorithmIdentifier", HFILL }},
1296 { &hf_pkcs12_encryptedData,
1297 { "encryptedData", "pkcs12.encryptedData",
1298 FT_BYTES, BASE_NONE, NULL, 0,
1299 NULL, HFILL }},
1300 { &hf_pkcs12_salt,
1301 { "salt", "pkcs12.salt",
1302 FT_BYTES, BASE_NONE, NULL, 0,
1303 "OCTET_STRING", HFILL }},
1304 { &hf_pkcs12_iterationCount,
1305 { "iterationCount", "pkcs12.iterationCount",
1306 FT_INT32, BASE_DEC, NULL, 0,
1307 "INTEGER", HFILL }},
1308 { &hf_pkcs12_saltChoice,
1309 { "salt", "pkcs12.salt",
1310 FT_UINT32, BASE_DEC, VALS(pkcs12_T_saltChoice_vals), 0,
1311 "T_saltChoice", HFILL }},
1312 { &hf_pkcs12_specified,
1313 { "specified", "pkcs12.specified",
1314 FT_BYTES, BASE_NONE, NULL, 0,
1315 "OCTET_STRING", HFILL }},
1316 { &hf_pkcs12_otherSource,
1317 { "otherSource", "pkcs12.otherSource_element",
1318 FT_NONE, BASE_NONE, NULL, 0,
1319 "AlgorithmIdentifier", HFILL }},
1320 { &hf_pkcs12_keyLength,
1321 { "keyLength", "pkcs12.keyLength",
1322 FT_UINT64, BASE_DEC, NULL, 0,
1323 "INTEGER_1_MAX", HFILL }},
1324 { &hf_pkcs12_prf,
1325 { "prf", "pkcs12.prf_element",
1326 FT_NONE, BASE_NONE, NULL, 0,
1327 "AlgorithmIdentifier", HFILL }},
1328 { &hf_pkcs12_keyDerivationFunc,
1329 { "keyDerivationFunc", "pkcs12.keyDerivationFunc_element",
1330 FT_NONE, BASE_NONE, NULL, 0,
1331 "AlgorithmIdentifier", HFILL }},
1332 { &hf_pkcs12_encryptionScheme,
1333 { "encryptionScheme", "pkcs12.encryptionScheme_element",
1334 FT_NONE, BASE_NONE, NULL, 0,
1335 "AlgorithmIdentifier", HFILL }},
1336 { &hf_pkcs12_messageAuthScheme,
1337 { "messageAuthScheme", "pkcs12.messageAuthScheme_element",
1338 FT_NONE, BASE_NONE, NULL, 0,
1339 "AlgorithmIdentifier", HFILL }},
1340 };
1341
1342 /* List of subtrees */
1343 static int *ett[] = {
1344 &ett_decrypted_pbe,
1345 &ett_pkcs12_PFX,
1346 &ett_pkcs12_MacData,
1347 &ett_pkcs12_AuthenticatedSafe,
1348 &ett_pkcs12_SafeContents,
1349 &ett_pkcs12_SafeBag,
1350 &ett_pkcs12_SET_OF_PKCS12Attribute,
1351 &ett_pkcs12_CertBag,
1352 &ett_pkcs12_CRLBag,
1353 &ett_pkcs12_SecretBag,
1354 &ett_pkcs12_PKCS12Attribute,
1355 &ett_pkcs12_T_attrValues,
1356 &ett_pkcs12_PrivateKeyInfo,
1357 &ett_pkcs12_Attributes,
1358 &ett_pkcs12_EncryptedPrivateKeyInfo,
1359 &ett_pkcs12_PBEParameter,
1360 &ett_pkcs12_PBKDF2Params,
1361 &ett_pkcs12_T_saltChoice,
1362 &ett_pkcs12_PBES2Params,
1363 &ett_pkcs12_PBMAC1Params,
1364 };
1365 static ei_register_info ei[] = {
1366 { &ei_pkcs12_octet_string_expected, { "pkcs12.octet_string_expected", PI_PROTOCOL, PI_WARN, "BER Error: OCTET STRING expected", EXPFILL }},
1367 };
1368
1369 module_t *pkcs12_module;
1370 expert_module_t* expert_pkcs12;
1371
1372 /* Register protocol */
1373 proto_pkcs12 = proto_register_protocol(PNAME, PSNAME, PFNAME);
1374
1375 /* Register fields and subtrees */
1376 proto_register_field_array(proto_pkcs12, hf, array_length(hf));
1377 proto_register_subtree_array(ett, array_length(ett));
1378 expert_pkcs12 = expert_register_protocol(proto_pkcs12);
1379 expert_register_field_array(expert_pkcs12, ei, array_length(ei));
1380
1381 /* Register preferences */
1382 pkcs12_module = prefs_register_protocol(proto_pkcs12, NULL);
1383
1384 prefs_register_string_preference(pkcs12_module, "password",
1385 "Password to decrypt the file with",
1386 "The password to used to decrypt the encrypted elements within"
1387 " the PKCS#12 file", &password);
1388
1389 prefs_register_bool_preference(pkcs12_module, "try_null_password",
1390 "Try to decrypt with a empty password",
1391 "Whether to try and decrypt the encrypted data within the"
1392 " PKCS#12 with a NULL password", &try_null_password);
1393
1394 register_ber_syntax_dissector("PKCS#12", proto_pkcs12, dissect_PFX_PDU);
1395 register_ber_oid_syntax(".p12", NULL, "PKCS#12");
1396 register_ber_oid_syntax(".pfx", NULL, "PKCS#12");
1397 }
1398
1399
1400 /*--- proto_reg_handoff_pkcs12 -------------------------------------------*/
1401 void proto_reg_handoff_pkcs12(void) {
1402 register_ber_oid_dissector("1.2.840.113549.1.12.10.1.1", dissect_KeyBag_PDU, proto_pkcs12, "keyBag");
1403 register_ber_oid_dissector("1.2.840.113549.1.12.10.1.2", dissect_PKCS8ShroudedKeyBag_PDU, proto_pkcs12, "pkcs8ShroudedKeyBag");
1404 register_ber_oid_dissector("1.2.840.113549.1.12.10.1.3", dissect_CertBag_PDU, proto_pkcs12, "certBag");
1405 register_ber_oid_dissector("1.2.840.113549.1.12.10.1.4", dissect_SecretBag_PDU, proto_pkcs12, "secretBag");
1406 register_ber_oid_dissector("1.2.840.113549.1.12.10.1.5", dissect_CRLBag_PDU, proto_pkcs12, "crlBag");
1407 register_ber_oid_dissector("1.2.840.113549.1.12.10.1.6", dissect_SafeContents_PDU, proto_pkcs12, "safeContentsBag");
1408 register_ber_oid_dissector("2.16.840.1.113730.3.1.216", dissect_PFX_PDU, proto_pkcs12, "pkcs-9-at-PKCS12");
1409 register_ber_oid_dissector("1.2.840.113549.1.9.25.2", dissect_EncryptedPrivateKeyInfo_PDU, proto_pkcs12, "pkcs-9-at-encryptedPrivateKeyInfo");
1410 register_ber_oid_dissector("1.2.840.113549.1.12.1.1", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHAAnd128BitRC4");
1411 register_ber_oid_dissector("1.2.840.113549.1.12.1.2", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHAAnd40BitRC4");
1412 register_ber_oid_dissector("1.2.840.113549.1.12.1.3", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHAAnd3-KeyTripleDES-CBC");
1413 register_ber_oid_dissector("1.2.840.113549.1.12.1.4", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHAAnd2-KeyTripleDES-CBC");
1414 register_ber_oid_dissector("1.2.840.113549.1.12.1.5", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHAAnd128BitRC2-CBC");
1415 register_ber_oid_dissector("1.2.840.113549.1.12.1.6", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHAAnd40BitRC2-CBC");
1416 register_ber_oid_dissector("1.2.840.113549.1.5.1", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithMD2AndDES-CBC");
1417 register_ber_oid_dissector("1.2.840.113549.1.5.3", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithMD5AndDES-CBC");
1418 register_ber_oid_dissector("1.2.840.113549.1.5.4", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithMD2AndRC2-CBC");
1419 register_ber_oid_dissector("1.2.840.113549.1.5.6", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithMD5AndRC2-CBC");
1420 register_ber_oid_dissector("1.2.840.113549.1.5.10", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHA1AndDES-CBC");
1421 register_ber_oid_dissector("1.2.840.113549.1.5.11", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHA1AndRC2-CBC");
1422 register_ber_oid_dissector("1.2.840.113549.1.5.12", dissect_PBKDF2Params_PDU, proto_pkcs12, "id-PBKDF2");
1423 register_ber_oid_dissector("1.2.840.113549.1.5.13", dissect_PBES2Params_PDU, proto_pkcs12, "id-PBES2");
1424 register_ber_oid_dissector("1.2.840.113549.1.5.14", dissect_PBMAC1Params_PDU, proto_pkcs12, "id-PBMAC1");
1425
1426
1427 register_ber_oid_dissector("1.2.840.113549.1.9.22.1", dissect_X509Certificate_OCTETSTRING_PDU, proto_pkcs12, "x509Certificate");
1428
1429 }
1430
Metzes wireshark repo