search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Revert "TODO epan/dissectors/asn1/kerberos/packet-kerberos-template.c new GSS flags"
[wireshark-sm.git] / epan / dissectors / packet-x509af.c
blob06ad4a959a9f437d5019c334acef11f7fee3f9c0
1 /* Do not modify this file. Changes will be overwritten. */
2 /* Generated automatically by the ASN.1 to Wireshark dissector compiler */
3 /* packet-x509af.c */
4 /* asn2wrs.py -b -q -L -p x509af -c ./x509af.cnf -s ./packet-x509af-template -D . -O ../.. AuthenticationFramework.asn */
5
6 /* packet-x509af.c
7 * Routines for X.509 Authentication Framework packet dissection
8 * Ronnie Sahlberg 2004
9 *
10 * Wireshark - Network traffic analyzer
11 * By Gerald Combs <gerald@wireshark.org>
12 * Copyright 1998 Gerald Combs
13 *
14 * SPDX-License-Identifier: GPL-2.0-or-later
15 */
16
17 #include "config.h"
18
19 #include <epan/packet.h>
20 #include <epan/oids.h>
21 #include <epan/asn1.h>
22 #include <epan/strutil.h>
23 #include <epan/export_object.h>
24 #include <epan/proto_data.h>
25 #include <wsutil/array.h>
26
27 #include "packet-ber.h"
28 #include "packet-x509af.h"
29 #include "packet-x509ce.h"
30 #include "packet-x509if.h"
31 #include "packet-x509sat.h"
32 #include "packet-ldap.h"
33 #include "packet-pkcs1.h"
34 #if defined(HAVE_LIBGNUTLS)
35 #include <gnutls/gnutls.h>
36 #endif
37
38 #define PNAME "X.509 Authentication Framework"
39 #define PSNAME "X509AF"
40 #define PFNAME "x509af"
41
42 void proto_register_x509af(void);
43 void proto_reg_handoff_x509af(void);
44
45 static dissector_handle_t pkix_crl_handle;
46
47 static int x509af_eo_tap;
48
49 /* Initialize the protocol and registered fields */
50 static int proto_x509af;
51 static int hf_x509af_algorithm_id;
52 static int hf_x509af_extension_id;
53 static int hf_x509af_x509af_Certificate_PDU; /* Certificate */
54 static int hf_x509af_SubjectPublicKeyInfo_PDU; /* SubjectPublicKeyInfo */
55 static int hf_x509af_CertificatePair_PDU; /* CertificatePair */
56 static int hf_x509af_CertificateList_PDU; /* CertificateList */
57 static int hf_x509af_AttributeCertificate_PDU; /* AttributeCertificate */
58 static int hf_x509af_DSS_Params_PDU; /* DSS_Params */
59 static int hf_x509af_Userid_PDU; /* Userid */
60 static int hf_x509af_signedCertificate; /* T_signedCertificate */
61 static int hf_x509af_version; /* Version */
62 static int hf_x509af_serialNumber; /* CertificateSerialNumber */
63 static int hf_x509af_signature; /* AlgorithmIdentifier */
64 static int hf_x509af_issuer; /* Name */
65 static int hf_x509af_validity; /* Validity */
66 static int hf_x509af_subject; /* SubjectName */
67 static int hf_x509af_subjectPublicKeyInfo; /* SubjectPublicKeyInfo */
68 static int hf_x509af_issuerUniqueIdentifier; /* UniqueIdentifier */
69 static int hf_x509af_subjectUniqueIdentifier; /* UniqueIdentifier */
70 static int hf_x509af_extensions; /* Extensions */
71 static int hf_x509af_algorithmIdentifier; /* AlgorithmIdentifier */
72 static int hf_x509af_encrypted; /* BIT_STRING */
73 static int hf_x509af_rdnSequence; /* RDNSequence */
74 static int hf_x509af_algorithmId; /* T_algorithmId */
75 static int hf_x509af_parameters; /* T_parameters */
76 static int hf_x509af_notBefore; /* Time */
77 static int hf_x509af_notAfter; /* Time */
78 static int hf_x509af_algorithm; /* AlgorithmIdentifier */
79 static int hf_x509af_subjectPublicKey; /* T_subjectPublicKey */
80 static int hf_x509af_utcTime; /* T_utcTime */
81 static int hf_x509af_generalizedTime; /* GeneralizedTime */
82 static int hf_x509af_Extensions_item; /* Extension */
83 static int hf_x509af_extnId; /* T_extnId */
84 static int hf_x509af_critical; /* BOOLEAN */
85 static int hf_x509af_extnValue; /* T_extnValue */
86 static int hf_x509af_userCertificate; /* Certificate */
87 static int hf_x509af_certificationPath; /* ForwardCertificationPath */
88 static int hf_x509af_ForwardCertificationPath_item; /* CrossCertificates */
89 static int hf_x509af_CrossCertificates_item; /* Certificate */
90 static int hf_x509af_theCACertificates; /* SEQUENCE_OF_CertificatePair */
91 static int hf_x509af_theCACertificates_item; /* CertificatePair */
92 static int hf_x509af_issuedByThisCA; /* Certificate */
93 static int hf_x509af_issuedToThisCA; /* Certificate */
94 static int hf_x509af_signedCertificateList; /* T_signedCertificateList */
95 static int hf_x509af_thisUpdate; /* Time */
96 static int hf_x509af_nextUpdate; /* Time */
97 static int hf_x509af_revokedCertificates; /* T_revokedCertificates */
98 static int hf_x509af_revokedCertificates_item; /* T_revokedCertificates_item */
99 static int hf_x509af_revokedUserCertificate; /* CertificateSerialNumber */
100 static int hf_x509af_revocationDate; /* Time */
101 static int hf_x509af_crlEntryExtensions; /* Extensions */
102 static int hf_x509af_crlExtensions; /* Extensions */
103 static int hf_x509af_attributeCertificate; /* AttributeCertificate */
104 static int hf_x509af_acPath; /* SEQUENCE_OF_ACPathData */
105 static int hf_x509af_acPath_item; /* ACPathData */
106 static int hf_x509af_certificate; /* Certificate */
107 static int hf_x509af_signedAttributeCertificateInfo; /* AttributeCertificateInfo */
108 static int hf_x509af_info_subject; /* InfoSubject */
109 static int hf_x509af_baseCertificateID; /* IssuerSerial */
110 static int hf_x509af_infoSubjectName; /* GeneralNames */
111 static int hf_x509af_issuerName; /* GeneralNames */
112 static int hf_x509af_attCertValidityPeriod; /* AttCertValidityPeriod */
113 static int hf_x509af_attributes; /* SEQUENCE_OF_Attribute */
114 static int hf_x509af_attributes_item; /* Attribute */
115 static int hf_x509af_issuerUniqueID; /* UniqueIdentifier */
116 static int hf_x509af_serial; /* CertificateSerialNumber */
117 static int hf_x509af_issuerUID; /* UniqueIdentifier */
118 static int hf_x509af_notBeforeTime; /* GeneralizedTime */
119 static int hf_x509af_notAfterTime; /* GeneralizedTime */
120 static int hf_x509af_assertion_subject; /* AssertionSubject */
121 static int hf_x509af_assertionSubjectName; /* SubjectName */
122 static int hf_x509af_assertionIssuer; /* Name */
123 static int hf_x509af_attCertValidity; /* GeneralizedTime */
124 static int hf_x509af_attType; /* SET_OF_AttributeType */
125 static int hf_x509af_attType_item; /* AttributeType */
126 static int hf_x509af_p; /* INTEGER */
127 static int hf_x509af_q; /* INTEGER */
128 static int hf_x509af_g; /* INTEGER */
129
130 /* Initialize the subtree pointers */
131 static int ett_pkix_crl;
132 static int ett_x509af_Certificate;
133 static int ett_x509af_T_signedCertificate;
134 static int ett_x509af_SubjectName;
135 static int ett_x509af_AlgorithmIdentifier;
136 static int ett_x509af_Validity;
137 static int ett_x509af_SubjectPublicKeyInfo;
138 static int ett_x509af_Time;
139 static int ett_x509af_Extensions;
140 static int ett_x509af_Extension;
141 static int ett_x509af_Certificates;
142 static int ett_x509af_ForwardCertificationPath;
143 static int ett_x509af_CrossCertificates;
144 static int ett_x509af_CertificationPath;
145 static int ett_x509af_SEQUENCE_OF_CertificatePair;
146 static int ett_x509af_CertificatePair;
147 static int ett_x509af_CertificateList;
148 static int ett_x509af_T_signedCertificateList;
149 static int ett_x509af_T_revokedCertificates;
150 static int ett_x509af_T_revokedCertificates_item;
151 static int ett_x509af_AttributeCertificationPath;
152 static int ett_x509af_SEQUENCE_OF_ACPathData;
153 static int ett_x509af_ACPathData;
154 static int ett_x509af_AttributeCertificate;
155 static int ett_x509af_AttributeCertificateInfo;
156 static int ett_x509af_InfoSubject;
157 static int ett_x509af_SEQUENCE_OF_Attribute;
158 static int ett_x509af_IssuerSerial;
159 static int ett_x509af_AttCertValidityPeriod;
160 static int ett_x509af_AttributeCertificateAssertion;
161 static int ett_x509af_AssertionSubject;
162 static int ett_x509af_SET_OF_AttributeType;
163 static int ett_x509af_DSS_Params;
164 static const char *algorithm_id;
165 static void
166 x509af_export_publickey(tvbuff_t *tvb, asn1_ctx_t *actx, int offset, int len);
167
168 typedef struct _x509af_eo_t {
169 const char *subjectname;
170 char *serialnum;
171 tvbuff_t *payload;
172 } x509af_eo_t;
173
174
175 const value_string x509af_Version_vals[] = {
176 { 0, "v1" },
177 { 1, "v2" },
178 { 2, "v3" },
179 { 0, NULL }
180 };
181
182
183 int
184 dissect_x509af_Version(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
185 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
186 NULL);
187
188 return offset;
189 }
190
191
192
193 int
194 dissect_x509af_CertificateSerialNumber(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
195 int start_offset = offset;
196 offset = dissect_ber_integer64(implicit_tag, actx, tree, tvb, offset, hf_index,
197 NULL);
198
199 x509af_eo_t *eo_info = p_get_proto_data(actx->pinfo->pool, actx->pinfo, proto_x509af, 0);
200 if (eo_info) {
201 uint32_t len;
202 start_offset = get_ber_identifier(tvb, start_offset, NULL, NULL, NULL);
203 start_offset = get_ber_length(tvb, start_offset, &len, NULL);
204 eo_info->serialnum = tvb_bytes_to_str(actx->pinfo->pool, tvb, start_offset, len);
205 }
206
207
208 return offset;
209 }
210
211
212
213 static int
214 dissect_x509af_T_algorithmId(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
215 const char *name;
216
217 offset = dissect_ber_object_identifier_str(implicit_tag, actx, tree, tvb, offset, hf_x509af_algorithm_id, &actx->external.direct_reference);
218
219
220 if (algorithm_id) {
221 wmem_free(wmem_file_scope(), (void*)algorithm_id);
222 }
223
224 if(actx->external.direct_reference) {
225 algorithm_id = (const char *)wmem_strdup(wmem_file_scope(), actx->external.direct_reference);
226
227 name = oid_resolved_from_string(actx->pinfo->pool, actx->external.direct_reference);
228
229 proto_item_append_text(tree, " (%s)", name ? name : actx->external.direct_reference);
230 } else {
231 algorithm_id = NULL;
232 }
233
234
235 return offset;
236 }
237
238
239
240 static int
241 dissect_x509af_T_parameters(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
242 offset=call_ber_oid_callback(actx->external.direct_reference, tvb, offset, actx->pinfo, tree, NULL);
243
244
245 return offset;
246 }
247
248
249 static const ber_sequence_t AlgorithmIdentifier_sequence[] = {
250 { &hf_x509af_algorithmId , BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_x509af_T_algorithmId },
251 { &hf_x509af_parameters , BER_CLASS_ANY, 0, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_x509af_T_parameters },
252 { NULL, 0, 0, 0, NULL }
253 };
254
255 int
256 dissect_x509af_AlgorithmIdentifier(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
257 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
258 AlgorithmIdentifier_sequence, hf_index, ett_x509af_AlgorithmIdentifier);
259
260 return offset;
261 }
262
263
264
265 static int
266 dissect_x509af_T_utcTime(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
267 char *outstr, *newstr;
268 uint32_t tvblen;
269
270 /* the 2-digit year can only be in the range 1950..2049 https://tools.ietf.org/html/rfc5280#section-4.1.2.5.1 */
271 offset = dissect_ber_UTCTime(implicit_tag, actx, tree, tvb, offset, hf_index, &outstr, &tvblen);
272 if (hf_index > 0 && outstr) {
273 newstr = wmem_strconcat(actx->pinfo->pool, outstr[0] < '5' ? "20": "19", outstr, NULL);
274 proto_tree_add_string(tree, hf_index, tvb, offset - tvblen, tvblen, newstr);
275 }
276
277
278 return offset;
279 }
280
281
282
283 static int
284 dissect_x509af_GeneralizedTime(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
285 offset = dissect_ber_GeneralizedTime(implicit_tag, actx, tree, tvb, offset, hf_index);
286
287 return offset;
288 }
289
290
291 const value_string x509af_Time_vals[] = {
292 { 0, "utcTime" },
293 { 1, "generalizedTime" },
294 { 0, NULL }
295 };
296
297 static const ber_choice_t Time_choice[] = {
298 { 0, &hf_x509af_utcTime , BER_CLASS_UNI, BER_UNI_TAG_UTCTime, BER_FLAGS_NOOWNTAG, dissect_x509af_T_utcTime },
299 { 1, &hf_x509af_generalizedTime, BER_CLASS_UNI, BER_UNI_TAG_GeneralizedTime, BER_FLAGS_NOOWNTAG, dissect_x509af_GeneralizedTime },
300 { 0, NULL, 0, 0, 0, NULL }
301 };
302
303 int
304 dissect_x509af_Time(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
305 offset = dissect_ber_choice(actx, tree, tvb, offset,
306 Time_choice, hf_index, ett_x509af_Time,
307 NULL);
308
309 return offset;
310 }
311
312
313 static const ber_sequence_t Validity_sequence[] = {
314 { &hf_x509af_notBefore , BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_x509af_Time },
315 { &hf_x509af_notAfter , BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_x509af_Time },
316 { NULL, 0, 0, 0, NULL }
317 };
318
319 int
320 dissect_x509af_Validity(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
321 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
322 Validity_sequence, hf_index, ett_x509af_Validity);
323
324 return offset;
325 }
326
327
328 static const value_string x509af_SubjectName_vals[] = {
329 { 0, "rdnSequence" },
330 { 0, NULL }
331 };
332
333 static const ber_choice_t SubjectName_choice[] = {
334 { 0, &hf_x509af_rdnSequence , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509if_RDNSequence },
335 { 0, NULL, 0, 0, 0, NULL }
336 };
337
338 static int
339 dissect_x509af_SubjectName(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
340
341 const char* str;
342 offset = dissect_ber_choice(actx, tree, tvb, offset,
343 SubjectName_choice, hf_index, ett_x509af_SubjectName,
344 NULL);
345
346
347 str = x509if_get_last_dn();
348 proto_item_append_text(proto_item_get_parent(tree), " (%s)", str?str:"");
349 x509af_eo_t *eo_info = p_get_proto_data(actx->pinfo->pool, actx->pinfo, proto_x509af, 0);
350 if (eo_info) {
351 eo_info->subjectname = str;
352 }
353
354
355 return offset;
356 }
357
358
359
360 static int
361 dissect_x509af_T_subjectPublicKey(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
362 tvbuff_t *bs_tvb = NULL;
363
364 dissect_ber_bitstring(false, actx, NULL, tvb, offset,
365 NULL, 0, hf_index, -1, &bs_tvb);
366
367 /* See RFC 3279 for possible subjectPublicKey values given an Algorithm ID.
368 * The contents of subjectPublicKey are always explicitly tagged. */
369 if (bs_tvb && !g_strcmp0(algorithm_id, "1.2.840.113549.1.1.1")) { /* id-rsa */
370 offset += dissect_pkcs1_RSAPublicKey(false, bs_tvb, 0, actx, tree, hf_index);
371
372 } else {
373 offset = dissect_ber_bitstring(false, actx, tree, tvb, offset,
374 NULL, 0, hf_index, -1, NULL);
375 }
376
377
378 return offset;
379 }
380
381
382 static const ber_sequence_t SubjectPublicKeyInfo_sequence[] = {
383 { &hf_x509af_algorithm , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
384 { &hf_x509af_subjectPublicKey, BER_CLASS_UNI, BER_UNI_TAG_BITSTRING, BER_FLAGS_NOOWNTAG, dissect_x509af_T_subjectPublicKey },
385 { NULL, 0, 0, 0, NULL }
386 };
387
388 int
389 dissect_x509af_SubjectPublicKeyInfo(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
390 int orig_offset = offset;
391 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
392 SubjectPublicKeyInfo_sequence, hf_index, ett_x509af_SubjectPublicKeyInfo);
393
394 x509af_export_publickey(tvb, actx, orig_offset, offset - orig_offset);
395 return offset;
396 }
397
398
399
400 static int
401 dissect_x509af_T_extnId(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
402 const char *name;
403
404 offset = dissect_ber_object_identifier_str(implicit_tag, actx, tree, tvb, offset, hf_x509af_extension_id, &actx->external.direct_reference);
405
406
407 if(actx->external.direct_reference) {
408 name = oid_resolved_from_string(actx->pinfo->pool, actx->external.direct_reference);
409
410 proto_item_append_text(tree, " (%s)", name ? name : actx->external.direct_reference);
411 }
412
413
414 return offset;
415 }
416
417
418
419 static int
420 dissect_x509af_BOOLEAN(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
421 offset = dissect_ber_boolean(implicit_tag, actx, tree, tvb, offset, hf_index, NULL);
422
423 return offset;
424 }
425
426
427
428 static int
429 dissect_x509af_T_extnValue(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
430 int8_t ber_class;
431 bool pc, ind;
432 int32_t tag;
433 uint32_t len;
434 /* skip past the T and L */
435 offset = dissect_ber_identifier(actx->pinfo, tree, tvb, offset, &ber_class, &pc, &tag);
436 offset = dissect_ber_length(actx->pinfo, tree, tvb, offset, &len, &ind);
437 offset=call_ber_oid_callback(actx->external.direct_reference, tvb, offset, actx->pinfo, tree, NULL);
438
439
440 return offset;
441 }
442
443
444 static const ber_sequence_t Extension_sequence[] = {
445 { &hf_x509af_extnId , BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_x509af_T_extnId },
446 { &hf_x509af_critical , BER_CLASS_UNI, BER_UNI_TAG_BOOLEAN, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_x509af_BOOLEAN },
447 { &hf_x509af_extnValue , BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_x509af_T_extnValue },
448 { NULL, 0, 0, 0, NULL }
449 };
450
451 int
452 dissect_x509af_Extension(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
453 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
454 Extension_sequence, hf_index, ett_x509af_Extension);
455
456 return offset;
457 }
458
459
460 static const ber_sequence_t Extensions_sequence_of[1] = {
461 { &hf_x509af_Extensions_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_Extension },
462 };
463
464 int
465 dissect_x509af_Extensions(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
466 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
467 Extensions_sequence_of, hf_index, ett_x509af_Extensions);
468
469 return offset;
470 }
471
472
473 static const ber_sequence_t T_signedCertificate_sequence[] = {
474 { &hf_x509af_version , BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_x509af_Version },
475 { &hf_x509af_serialNumber , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_x509af_CertificateSerialNumber },
476 { &hf_x509af_signature , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
477 { &hf_x509af_issuer , BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG, dissect_x509if_Name },
478 { &hf_x509af_validity , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_Validity },
479 { &hf_x509af_subject , BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_x509af_SubjectName },
480 { &hf_x509af_subjectPublicKeyInfo, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_SubjectPublicKeyInfo },
481 { &hf_x509af_issuerUniqueIdentifier, BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL|BER_FLAGS_IMPLTAG, dissect_x509sat_UniqueIdentifier },
482 { &hf_x509af_subjectUniqueIdentifier, BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL|BER_FLAGS_IMPLTAG, dissect_x509sat_UniqueIdentifier },
483 { &hf_x509af_extensions , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_x509af_Extensions },
484 { NULL, 0, 0, 0, NULL }
485 };
486
487 static int
488 dissect_x509af_T_signedCertificate(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
489 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
490 T_signedCertificate_sequence, hf_index, ett_x509af_T_signedCertificate);
491
492 return offset;
493 }
494
495
496
497 static int
498 dissect_x509af_BIT_STRING(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
499 offset = dissect_ber_bitstring(implicit_tag, actx, tree, tvb, offset,
500 NULL, 0, hf_index, -1,
501 NULL);
502
503 return offset;
504 }
505
506
507 static const ber_sequence_t Certificate_sequence[] = {
508 { &hf_x509af_signedCertificate, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_T_signedCertificate },
509 { &hf_x509af_algorithmIdentifier, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
510 { &hf_x509af_encrypted , BER_CLASS_UNI, BER_UNI_TAG_BITSTRING, BER_FLAGS_NOOWNTAG, dissect_x509af_BIT_STRING },
511 { NULL, 0, 0, 0, NULL }
512 };
513
514 int
515 dissect_x509af_Certificate(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
516 int start_offset = offset;
517 x509af_eo_t *eo_info = NULL;
518 if (have_tap_listener(x509af_eo_tap)) {
519 eo_info = wmem_new0(actx->pinfo->pool, x509af_eo_t);
520 p_add_proto_data(actx->pinfo->pool, actx->pinfo, proto_x509af, 0, eo_info);
521 }
522
523 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
524 Certificate_sequence, hf_index, ett_x509af_Certificate);
525
526
527 if (eo_info) {
528 eo_info->payload = tvb_new_subset_length(tvb, start_offset, offset - start_offset);
529 tap_queue_packet(x509af_eo_tap, actx->pinfo, eo_info);
530 }
531
532
533
534 return offset;
535 }
536
537
538 static const ber_sequence_t CrossCertificates_set_of[1] = {
539 { &hf_x509af_CrossCertificates_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_Certificate },
540 };
541
542 int
543 dissect_x509af_CrossCertificates(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
544 offset = dissect_ber_set_of(implicit_tag, actx, tree, tvb, offset,
545 CrossCertificates_set_of, hf_index, ett_x509af_CrossCertificates);
546
547 return offset;
548 }
549
550
551 static const ber_sequence_t ForwardCertificationPath_sequence_of[1] = {
552 { &hf_x509af_ForwardCertificationPath_item, BER_CLASS_UNI, BER_UNI_TAG_SET, BER_FLAGS_NOOWNTAG, dissect_x509af_CrossCertificates },
553 };
554
555 int
556 dissect_x509af_ForwardCertificationPath(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
557 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
558 ForwardCertificationPath_sequence_of, hf_index, ett_x509af_ForwardCertificationPath);
559
560 return offset;
561 }
562
563
564 static const ber_sequence_t Certificates_sequence[] = {
565 { &hf_x509af_userCertificate, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_Certificate },
566 { &hf_x509af_certificationPath, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_x509af_ForwardCertificationPath },
567 { NULL, 0, 0, 0, NULL }
568 };
569
570 int
571 dissect_x509af_Certificates(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
572 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
573 Certificates_sequence, hf_index, ett_x509af_Certificates);
574
575 return offset;
576 }
577
578
579 static const ber_sequence_t CertificatePair_sequence[] = {
580 { &hf_x509af_issuedByThisCA, BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_x509af_Certificate },
581 { &hf_x509af_issuedToThisCA, BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_x509af_Certificate },
582 { NULL, 0, 0, 0, NULL }
583 };
584
585 int
586 dissect_x509af_CertificatePair(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
587 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
588 CertificatePair_sequence, hf_index, ett_x509af_CertificatePair);
589
590 return offset;
591 }
592
593
594 static const ber_sequence_t SEQUENCE_OF_CertificatePair_sequence_of[1] = {
595 { &hf_x509af_theCACertificates_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_CertificatePair },
596 };
597
598 static int
599 dissect_x509af_SEQUENCE_OF_CertificatePair(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
600 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
601 SEQUENCE_OF_CertificatePair_sequence_of, hf_index, ett_x509af_SEQUENCE_OF_CertificatePair);
602
603 return offset;
604 }
605
606
607 static const ber_sequence_t CertificationPath_sequence[] = {
608 { &hf_x509af_userCertificate, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_Certificate },
609 { &hf_x509af_theCACertificates, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_x509af_SEQUENCE_OF_CertificatePair },
610 { NULL, 0, 0, 0, NULL }
611 };
612
613 int
614 dissect_x509af_CertificationPath(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
615 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
616 CertificationPath_sequence, hf_index, ett_x509af_CertificationPath);
617
618 return offset;
619 }
620
621
622 static const ber_sequence_t T_revokedCertificates_item_sequence[] = {
623 { &hf_x509af_revokedUserCertificate, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_x509af_CertificateSerialNumber },
624 { &hf_x509af_revocationDate, BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_x509af_Time },
625 { &hf_x509af_crlEntryExtensions, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_x509af_Extensions },
626 { NULL, 0, 0, 0, NULL }
627 };
628
629 static int
630 dissect_x509af_T_revokedCertificates_item(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
631 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
632 T_revokedCertificates_item_sequence, hf_index, ett_x509af_T_revokedCertificates_item);
633
634 return offset;
635 }
636
637
638 static const ber_sequence_t T_revokedCertificates_sequence_of[1] = {
639 { &hf_x509af_revokedCertificates_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_T_revokedCertificates_item },
640 };
641
642 static int
643 dissect_x509af_T_revokedCertificates(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
644 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
645 T_revokedCertificates_sequence_of, hf_index, ett_x509af_T_revokedCertificates);
646
647 return offset;
648 }
649
650
651 static const ber_sequence_t T_signedCertificateList_sequence[] = {
652 { &hf_x509af_version , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_x509af_Version },
653 { &hf_x509af_signature , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
654 { &hf_x509af_issuer , BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG, dissect_x509if_Name },
655 { &hf_x509af_thisUpdate , BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_x509af_Time },
656 { &hf_x509af_nextUpdate , BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_x509af_Time },
657 { &hf_x509af_revokedCertificates, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_x509af_T_revokedCertificates },
658 { &hf_x509af_crlExtensions, BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_x509af_Extensions },
659 { NULL, 0, 0, 0, NULL }
660 };
661
662 static int
663 dissect_x509af_T_signedCertificateList(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
664 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
665 T_signedCertificateList_sequence, hf_index, ett_x509af_T_signedCertificateList);
666
667 return offset;
668 }
669
670
671 static const ber_sequence_t CertificateList_sequence[] = {
672 { &hf_x509af_signedCertificateList, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_T_signedCertificateList },
673 { &hf_x509af_algorithmIdentifier, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
674 { &hf_x509af_encrypted , BER_CLASS_UNI, BER_UNI_TAG_BITSTRING, BER_FLAGS_NOOWNTAG, dissect_x509af_BIT_STRING },
675 { NULL, 0, 0, 0, NULL }
676 };
677
678 int
679 dissect_x509af_CertificateList(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
680 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
681 CertificateList_sequence, hf_index, ett_x509af_CertificateList);
682
683 return offset;
684 }
685
686
687 static const ber_sequence_t IssuerSerial_sequence[] = {
688 { &hf_x509af_issuerName , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509ce_GeneralNames },
689 { &hf_x509af_serial , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_x509af_CertificateSerialNumber },
690 { &hf_x509af_issuerUID , BER_CLASS_UNI, BER_UNI_TAG_BITSTRING, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_x509sat_UniqueIdentifier },
691 { NULL, 0, 0, 0, NULL }
692 };
693
694 int
695 dissect_x509af_IssuerSerial(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
696 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
697 IssuerSerial_sequence, hf_index, ett_x509af_IssuerSerial);
698
699 return offset;
700 }
701
702
703 static const value_string x509af_InfoSubject_vals[] = {
704 { 0, "baseCertificateID" },
705 { 1, "subjectName" },
706 { 0, NULL }
707 };
708
709 static const ber_choice_t InfoSubject_choice[] = {
710 { 0, &hf_x509af_baseCertificateID, BER_CLASS_CON, 0, 0, dissect_x509af_IssuerSerial },
711 { 1, &hf_x509af_infoSubjectName, BER_CLASS_CON, 1, 0, dissect_x509ce_GeneralNames },
712 { 0, NULL, 0, 0, 0, NULL }
713 };
714
715 static int
716 dissect_x509af_InfoSubject(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
717 offset = dissect_ber_choice(actx, tree, tvb, offset,
718 InfoSubject_choice, hf_index, ett_x509af_InfoSubject,
719 NULL);
720
721 return offset;
722 }
723
724
725 static const ber_sequence_t AttCertValidityPeriod_sequence[] = {
726 { &hf_x509af_notBeforeTime, BER_CLASS_UNI, BER_UNI_TAG_GeneralizedTime, BER_FLAGS_NOOWNTAG, dissect_x509af_GeneralizedTime },
727 { &hf_x509af_notAfterTime , BER_CLASS_UNI, BER_UNI_TAG_GeneralizedTime, BER_FLAGS_NOOWNTAG, dissect_x509af_GeneralizedTime },
728 { NULL, 0, 0, 0, NULL }
729 };
730
731 int
732 dissect_x509af_AttCertValidityPeriod(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
733 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
734 AttCertValidityPeriod_sequence, hf_index, ett_x509af_AttCertValidityPeriod);
735
736 return offset;
737 }
738
739
740 static const ber_sequence_t SEQUENCE_OF_Attribute_sequence_of[1] = {
741 { &hf_x509af_attributes_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509if_Attribute },
742 };
743
744 static int
745 dissect_x509af_SEQUENCE_OF_Attribute(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
746 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
747 SEQUENCE_OF_Attribute_sequence_of, hf_index, ett_x509af_SEQUENCE_OF_Attribute);
748
749 return offset;
750 }
751
752
753 static const ber_sequence_t AttributeCertificateInfo_sequence[] = {
754 { &hf_x509af_version , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_x509af_Version },
755 { &hf_x509af_info_subject , BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_x509af_InfoSubject },
756 { &hf_x509af_issuerName , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509ce_GeneralNames },
757 { &hf_x509af_signature , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
758 { &hf_x509af_serialNumber , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_x509af_CertificateSerialNumber },
759 { &hf_x509af_attCertValidityPeriod, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AttCertValidityPeriod },
760 { &hf_x509af_attributes , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_SEQUENCE_OF_Attribute },
761 { &hf_x509af_issuerUniqueID, BER_CLASS_UNI, BER_UNI_TAG_BITSTRING, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_x509sat_UniqueIdentifier },
762 { &hf_x509af_extensions , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_x509af_Extensions },
763 { NULL, 0, 0, 0, NULL }
764 };
765
766 int
767 dissect_x509af_AttributeCertificateInfo(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
768 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
769 AttributeCertificateInfo_sequence, hf_index, ett_x509af_AttributeCertificateInfo);
770
771 return offset;
772 }
773
774
775 static const ber_sequence_t AttributeCertificate_sequence[] = {
776 { &hf_x509af_signedAttributeCertificateInfo, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AttributeCertificateInfo },
777 { &hf_x509af_algorithmIdentifier, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
778 { &hf_x509af_encrypted , BER_CLASS_UNI, BER_UNI_TAG_BITSTRING, BER_FLAGS_NOOWNTAG, dissect_x509af_BIT_STRING },
779 { NULL, 0, 0, 0, NULL }
780 };
781
782 int
783 dissect_x509af_AttributeCertificate(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
784 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
785 AttributeCertificate_sequence, hf_index, ett_x509af_AttributeCertificate);
786
787 return offset;
788 }
789
790
791 static const ber_sequence_t ACPathData_sequence[] = {
792 { &hf_x509af_certificate , BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_x509af_Certificate },
793 { &hf_x509af_attributeCertificate, BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_x509af_AttributeCertificate },
794 { NULL, 0, 0, 0, NULL }
795 };
796
797 int
798 dissect_x509af_ACPathData(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
799 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
800 ACPathData_sequence, hf_index, ett_x509af_ACPathData);
801
802 return offset;
803 }
804
805
806 static const ber_sequence_t SEQUENCE_OF_ACPathData_sequence_of[1] = {
807 { &hf_x509af_acPath_item , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_ACPathData },
808 };
809
810 static int
811 dissect_x509af_SEQUENCE_OF_ACPathData(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
812 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
813 SEQUENCE_OF_ACPathData_sequence_of, hf_index, ett_x509af_SEQUENCE_OF_ACPathData);
814
815 return offset;
816 }
817
818
819 static const ber_sequence_t AttributeCertificationPath_sequence[] = {
820 { &hf_x509af_attributeCertificate, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AttributeCertificate },
821 { &hf_x509af_acPath , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_x509af_SEQUENCE_OF_ACPathData },
822 { NULL, 0, 0, 0, NULL }
823 };
824
825 int
826 dissect_x509af_AttributeCertificationPath(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
827 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
828 AttributeCertificationPath_sequence, hf_index, ett_x509af_AttributeCertificationPath);
829
830 return offset;
831 }
832
833
834 static const value_string x509af_AssertionSubject_vals[] = {
835 { 0, "baseCertificateID" },
836 { 1, "subjectName" },
837 { 0, NULL }
838 };
839
840 static const ber_choice_t AssertionSubject_choice[] = {
841 { 0, &hf_x509af_baseCertificateID, BER_CLASS_CON, 0, 0, dissect_x509af_IssuerSerial },
842 { 1, &hf_x509af_assertionSubjectName, BER_CLASS_CON, 1, 0, dissect_x509af_SubjectName },
843 { 0, NULL, 0, 0, 0, NULL }
844 };
845
846 static int
847 dissect_x509af_AssertionSubject(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
848 offset = dissect_ber_choice(actx, tree, tvb, offset,
849 AssertionSubject_choice, hf_index, ett_x509af_AssertionSubject,
850 NULL);
851
852 return offset;
853 }
854
855
856 static const ber_sequence_t SET_OF_AttributeType_set_of[1] = {
857 { &hf_x509af_attType_item , BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_x509if_AttributeType },
858 };
859
860 static int
861 dissect_x509af_SET_OF_AttributeType(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
862 offset = dissect_ber_set_of(implicit_tag, actx, tree, tvb, offset,
863 SET_OF_AttributeType_set_of, hf_index, ett_x509af_SET_OF_AttributeType);
864
865 return offset;
866 }
867
868
869 static const ber_sequence_t AttributeCertificateAssertion_sequence[] = {
870 { &hf_x509af_assertion_subject, BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_x509af_AssertionSubject },
871 { &hf_x509af_assertionIssuer, BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_x509if_Name },
872 { &hf_x509af_attCertValidity, BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_x509af_GeneralizedTime },
873 { &hf_x509af_attType , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_x509af_SET_OF_AttributeType },
874 { NULL, 0, 0, 0, NULL }
875 };
876
877 int
878 dissect_x509af_AttributeCertificateAssertion(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
879 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
880 AttributeCertificateAssertion_sequence, hf_index, ett_x509af_AttributeCertificateAssertion);
881
882 return offset;
883 }
884
885
886
887 static int
888 dissect_x509af_INTEGER(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
889 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
890 NULL);
891
892 return offset;
893 }
894
895
896 static const ber_sequence_t DSS_Params_sequence[] = {
897 { &hf_x509af_p , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_x509af_INTEGER },
898 { &hf_x509af_q , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_x509af_INTEGER },
899 { &hf_x509af_g , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_x509af_INTEGER },
900 { NULL, 0, 0, 0, NULL }
901 };
902
903 static int
904 dissect_x509af_DSS_Params(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
905 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
906 DSS_Params_sequence, hf_index, ett_x509af_DSS_Params);
907
908 return offset;
909 }
910
911
912
913 static int
914 dissect_x509af_Userid(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
915 offset = dissect_ber_restricted_string(implicit_tag, BER_UNI_TAG_UTF8String,
916 actx, tree, tvb, offset, hf_index,
917 NULL);
918
919 return offset;
920 }
921
922 /*--- PDUs ---*/
923
924 int dissect_x509af_Certificate_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
925 int offset = 0;
926 asn1_ctx_t asn1_ctx;
927 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
928 offset = dissect_x509af_Certificate(false, tvb, offset, &asn1_ctx, tree, hf_x509af_x509af_Certificate_PDU);
929 return offset;
930 }
931 static int dissect_SubjectPublicKeyInfo_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
932 int offset = 0;
933 asn1_ctx_t asn1_ctx;
934 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
935 offset = dissect_x509af_SubjectPublicKeyInfo(false, tvb, offset, &asn1_ctx, tree, hf_x509af_SubjectPublicKeyInfo_PDU);
936 return offset;
937 }
938 static int dissect_CertificatePair_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
939 int offset = 0;
940 asn1_ctx_t asn1_ctx;
941 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
942 offset = dissect_x509af_CertificatePair(false, tvb, offset, &asn1_ctx, tree, hf_x509af_CertificatePair_PDU);
943 return offset;
944 }
945 static int dissect_CertificateList_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
946 int offset = 0;
947 asn1_ctx_t asn1_ctx;
948 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
949 offset = dissect_x509af_CertificateList(false, tvb, offset, &asn1_ctx, tree, hf_x509af_CertificateList_PDU);
950 return offset;
951 }
952 static int dissect_AttributeCertificate_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
953 int offset = 0;
954 asn1_ctx_t asn1_ctx;
955 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
956 offset = dissect_x509af_AttributeCertificate(false, tvb, offset, &asn1_ctx, tree, hf_x509af_AttributeCertificate_PDU);
957 return offset;
958 }
959 static int dissect_DSS_Params_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
960 int offset = 0;
961 asn1_ctx_t asn1_ctx;
962 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
963 offset = dissect_x509af_DSS_Params(false, tvb, offset, &asn1_ctx, tree, hf_x509af_DSS_Params_PDU);
964 return offset;
965 }
966 static int dissect_Userid_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
967 int offset = 0;
968 asn1_ctx_t asn1_ctx;
969 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
970 offset = dissect_x509af_Userid(false, tvb, offset, &asn1_ctx, tree, hf_x509af_Userid_PDU);
971 return offset;
972 }
973
974
975 static tap_packet_status
976 x509af_eo_packet(void *tapdata, packet_info *pinfo, epan_dissect_t *edt _U_, const void *data, tap_flags_t flags _U_)
977 {
978 export_object_list_t *object_list = (export_object_list_t *)tapdata;
979 const x509af_eo_t *eo_info = (const x509af_eo_t *)data;
980 export_object_entry_t *entry;
981
982 if (data) {
983 entry = g_new0(export_object_entry_t, 1);
984
985 entry->pkt_num = pinfo->num;
986
987 // There should be a commonName
988 char *name = strstr(eo_info->subjectname, "id-at-commonName=");
989 if (name) {
990 name += strlen("id-at-commonName=");
991 entry->hostname = g_strndup(name, strcspn(name, ","));
992 }
993 entry->content_type = g_strdup("application/pkix-cert");
994
995 entry->filename = g_strdup_printf("%s.cer", eo_info->serialnum);
996
997 entry->payload_len = tvb_captured_length(eo_info->payload);
998 entry->payload_data = (uint8_t *)tvb_memdup(NULL, eo_info->payload, 0, entry->payload_len);
999
1000 object_list->add_entry(object_list->gui_data, entry);
1001
1002 return TAP_PACKET_REDRAW;
1003 } else {
1004 return TAP_PACKET_DONT_REDRAW;
1005 }
1006 }
1007
1008 /* Exports the SubjectPublicKeyInfo structure as gnutls_datum_t.
1009 * actx->private_data is assumed to be a gnutls_datum_t pointer which will be
1010 * filled in if non-NULL. */
1011 static void
1012 x509af_export_publickey(tvbuff_t *tvb _U_, asn1_ctx_t *actx _U_, int offset _U_, int len _U_)
1013 {
1014 #if defined(HAVE_LIBGNUTLS)
1015 gnutls_datum_t *subjectPublicKeyInfo = (gnutls_datum_t *)actx->private_data;
1016 if (subjectPublicKeyInfo) {
1017 subjectPublicKeyInfo->data = (unsigned char *) tvb_get_ptr(tvb, offset, len);
1018 subjectPublicKeyInfo->size = len;
1019 actx->private_data = NULL;
1020 }
1021 #endif
1022 }
1023
1024 const char *x509af_get_last_algorithm_id(void) {
1025 return algorithm_id;
1026 }
1027
1028
1029 static int
1030 dissect_pkix_crl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void *data _U_)
1031 {
1032 proto_tree *tree;
1033 asn1_ctx_t asn1_ctx;
1034 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo);
1035
1036 col_set_str(pinfo->cinfo, COL_PROTOCOL, "PKIX-CRL");
1037
1038 col_set_str(pinfo->cinfo, COL_INFO, "Certificate Revocation List");
1039
1040
1041 tree=proto_tree_add_subtree(parent_tree, tvb, 0, -1, ett_pkix_crl, NULL, "Certificate Revocation List");
1042
1043 return dissect_x509af_CertificateList(false, tvb, 0, &asn1_ctx, tree, -1);
1044 }
1045
1046 static void
1047 x509af_cleanup_protocol(void)
1048 {
1049 algorithm_id = NULL;
1050 }
1051
1052 /*--- proto_register_x509af ----------------------------------------------*/
1053 void proto_register_x509af(void) {
1054
1055 /* List of fields */
1056 static hf_register_info hf[] = {
1057 { &hf_x509af_algorithm_id,
1058 { "Algorithm Id", "x509af.algorithm.id",
1059 FT_OID, BASE_NONE, NULL, 0,
1060 NULL, HFILL }},
1061 { &hf_x509af_extension_id,
1062 { "Extension Id", "x509af.extension.id",
1063 FT_OID, BASE_NONE, NULL, 0,
1064 NULL, HFILL }},
1065 { &hf_x509af_x509af_Certificate_PDU,
1066 { "Certificate", "x509af.Certificate_element",
1067 FT_NONE, BASE_NONE, NULL, 0,
1068 NULL, HFILL }},
1069 { &hf_x509af_SubjectPublicKeyInfo_PDU,
1070 { "SubjectPublicKeyInfo", "x509af.SubjectPublicKeyInfo_element",
1071 FT_NONE, BASE_NONE, NULL, 0,
1072 NULL, HFILL }},
1073 { &hf_x509af_CertificatePair_PDU,
1074 { "CertificatePair", "x509af.CertificatePair_element",
1075 FT_NONE, BASE_NONE, NULL, 0,
1076 NULL, HFILL }},
1077 { &hf_x509af_CertificateList_PDU,
1078 { "CertificateList", "x509af.CertificateList_element",
1079 FT_NONE, BASE_NONE, NULL, 0,
1080 NULL, HFILL }},
1081 { &hf_x509af_AttributeCertificate_PDU,
1082 { "AttributeCertificate", "x509af.AttributeCertificate_element",
1083 FT_NONE, BASE_NONE, NULL, 0,
1084 NULL, HFILL }},
1085 { &hf_x509af_DSS_Params_PDU,
1086 { "DSS-Params", "x509af.DSS_Params_element",
1087 FT_NONE, BASE_NONE, NULL, 0,
1088 NULL, HFILL }},
1089 { &hf_x509af_Userid_PDU,
1090 { "Userid", "x509af.Userid",
1091 FT_STRING, BASE_NONE, NULL, 0,
1092 NULL, HFILL }},
1093 { &hf_x509af_signedCertificate,
1094 { "signedCertificate", "x509af.signedCertificate_element",
1095 FT_NONE, BASE_NONE, NULL, 0,
1096 NULL, HFILL }},
1097 { &hf_x509af_version,
1098 { "version", "x509af.version",
1099 FT_INT32, BASE_DEC, VALS(x509af_Version_vals), 0,
1100 NULL, HFILL }},
1101 { &hf_x509af_serialNumber,
1102 { "serialNumber", "x509af.serialNumber",
1103 FT_BYTES, BASE_NONE, NULL, 0,
1104 "CertificateSerialNumber", HFILL }},
1105 { &hf_x509af_signature,
1106 { "signature", "x509af.signature_element",
1107 FT_NONE, BASE_NONE, NULL, 0,
1108 "AlgorithmIdentifier", HFILL }},
1109 { &hf_x509af_issuer,
1110 { "issuer", "x509af.issuer",
1111 FT_UINT32, BASE_DEC, VALS(x509if_Name_vals), 0,
1112 "Name", HFILL }},
1113 { &hf_x509af_validity,
1114 { "validity", "x509af.validity_element",
1115 FT_NONE, BASE_NONE, NULL, 0,
1116 NULL, HFILL }},
1117 { &hf_x509af_subject,
1118 { "subject", "x509af.subject",
1119 FT_UINT32, BASE_DEC, VALS(x509af_SubjectName_vals), 0,
1120 "SubjectName", HFILL }},
1121 { &hf_x509af_subjectPublicKeyInfo,
1122 { "subjectPublicKeyInfo", "x509af.subjectPublicKeyInfo_element",
1123 FT_NONE, BASE_NONE, NULL, 0,
1124 NULL, HFILL }},
1125 { &hf_x509af_issuerUniqueIdentifier,
1126 { "issuerUniqueIdentifier", "x509af.issuerUniqueIdentifier",
1127 FT_BYTES, BASE_NONE, NULL, 0,
1128 "UniqueIdentifier", HFILL }},
1129 { &hf_x509af_subjectUniqueIdentifier,
1130 { "subjectUniqueIdentifier", "x509af.subjectUniqueIdentifier",
1131 FT_BYTES, BASE_NONE, NULL, 0,
1132 "UniqueIdentifier", HFILL }},
1133 { &hf_x509af_extensions,
1134 { "extensions", "x509af.extensions",
1135 FT_UINT32, BASE_DEC, NULL, 0,
1136 NULL, HFILL }},
1137 { &hf_x509af_algorithmIdentifier,
1138 { "algorithmIdentifier", "x509af.algorithmIdentifier_element",
1139 FT_NONE, BASE_NONE, NULL, 0,
1140 NULL, HFILL }},
1141 { &hf_x509af_encrypted,
1142 { "encrypted", "x509af.encrypted",
1143 FT_BYTES, BASE_NONE, NULL, 0,
1144 "BIT_STRING", HFILL }},
1145 { &hf_x509af_rdnSequence,
1146 { "rdnSequence", "x509af.rdnSequence",
1147 FT_UINT32, BASE_DEC, NULL, 0,
1148 NULL, HFILL }},
1149 { &hf_x509af_algorithmId,
1150 { "algorithmId", "x509af.algorithmId",
1151 FT_OID, BASE_NONE, NULL, 0,
1152 NULL, HFILL }},
1153 { &hf_x509af_parameters,
1154 { "parameters", "x509af.parameters_element",
1155 FT_NONE, BASE_NONE, NULL, 0,
1156 NULL, HFILL }},
1157 { &hf_x509af_notBefore,
1158 { "notBefore", "x509af.notBefore",
1159 FT_UINT32, BASE_DEC, VALS(x509af_Time_vals), 0,
1160 "Time", HFILL }},
1161 { &hf_x509af_notAfter,
1162 { "notAfter", "x509af.notAfter",
1163 FT_UINT32, BASE_DEC, VALS(x509af_Time_vals), 0,
1164 "Time", HFILL }},
1165 { &hf_x509af_algorithm,
1166 { "algorithm", "x509af.algorithm_element",
1167 FT_NONE, BASE_NONE, NULL, 0,
1168 "AlgorithmIdentifier", HFILL }},
1169 { &hf_x509af_subjectPublicKey,
1170 { "subjectPublicKey", "x509af.subjectPublicKey",
1171 FT_BYTES, BASE_NONE, NULL, 0,
1172 NULL, HFILL }},
1173 { &hf_x509af_utcTime,
1174 { "utcTime", "x509af.utcTime",
1175 FT_STRING, BASE_NONE, NULL, 0,
1176 NULL, HFILL }},
1177 { &hf_x509af_generalizedTime,
1178 { "generalizedTime", "x509af.generalizedTime",
1179 FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0,
1180 NULL, HFILL }},
1181 { &hf_x509af_Extensions_item,
1182 { "Extension", "x509af.Extension_element",
1183 FT_NONE, BASE_NONE, NULL, 0,
1184 NULL, HFILL }},
1185 { &hf_x509af_extnId,
1186 { "extnId", "x509af.extnId",
1187 FT_OID, BASE_NONE, NULL, 0,
1188 NULL, HFILL }},
1189 { &hf_x509af_critical,
1190 { "critical", "x509af.critical",
1191 FT_BOOLEAN, BASE_NONE, NULL, 0,
1192 "BOOLEAN", HFILL }},
1193 { &hf_x509af_extnValue,
1194 { "extnValue", "x509af.extnValue",
1195 FT_BYTES, BASE_NONE, NULL, 0,
1196 NULL, HFILL }},
1197 { &hf_x509af_userCertificate,
1198 { "userCertificate", "x509af.userCertificate_element",
1199 FT_NONE, BASE_NONE, NULL, 0,
1200 "Certificate", HFILL }},
1201 { &hf_x509af_certificationPath,
1202 { "certificationPath", "x509af.certificationPath",
1203 FT_UINT32, BASE_DEC, NULL, 0,
1204 "ForwardCertificationPath", HFILL }},
1205 { &hf_x509af_ForwardCertificationPath_item,
1206 { "CrossCertificates", "x509af.CrossCertificates",
1207 FT_UINT32, BASE_DEC, NULL, 0,
1208 NULL, HFILL }},
1209 { &hf_x509af_CrossCertificates_item,
1210 { "Certificate", "x509af.Certificate_element",
1211 FT_NONE, BASE_NONE, NULL, 0,
1212 NULL, HFILL }},
1213 { &hf_x509af_theCACertificates,
1214 { "theCACertificates", "x509af.theCACertificates",
1215 FT_UINT32, BASE_DEC, NULL, 0,
1216 "SEQUENCE_OF_CertificatePair", HFILL }},
1217 { &hf_x509af_theCACertificates_item,
1218 { "CertificatePair", "x509af.CertificatePair_element",
1219 FT_NONE, BASE_NONE, NULL, 0,
1220 NULL, HFILL }},
1221 { &hf_x509af_issuedByThisCA,
1222 { "issuedByThisCA", "x509af.issuedByThisCA_element",
1223 FT_NONE, BASE_NONE, NULL, 0,
1224 "Certificate", HFILL }},
1225 { &hf_x509af_issuedToThisCA,
1226 { "issuedToThisCA", "x509af.issuedToThisCA_element",
1227 FT_NONE, BASE_NONE, NULL, 0,
1228 "Certificate", HFILL }},
1229 { &hf_x509af_signedCertificateList,
1230 { "signedCertificateList", "x509af.signedCertificateList_element",
1231 FT_NONE, BASE_NONE, NULL, 0,
1232 NULL, HFILL }},
1233 { &hf_x509af_thisUpdate,
1234 { "thisUpdate", "x509af.thisUpdate",
1235 FT_UINT32, BASE_DEC, VALS(x509af_Time_vals), 0,
1236 "Time", HFILL }},
1237 { &hf_x509af_nextUpdate,
1238 { "nextUpdate", "x509af.nextUpdate",
1239 FT_UINT32, BASE_DEC, VALS(x509af_Time_vals), 0,
1240 "Time", HFILL }},
1241 { &hf_x509af_revokedCertificates,
1242 { "revokedCertificates", "x509af.revokedCertificates",
1243 FT_UINT32, BASE_DEC, NULL, 0,
1244 NULL, HFILL }},
1245 { &hf_x509af_revokedCertificates_item,
1246 { "revokedCertificates item", "x509af.revokedCertificates_item_element",
1247 FT_NONE, BASE_NONE, NULL, 0,
1248 NULL, HFILL }},
1249 { &hf_x509af_revokedUserCertificate,
1250 { "userCertificate", "x509af.revokedUserCertificate",
1251 FT_BYTES, BASE_NONE, NULL, 0,
1252 "CertificateSerialNumber", HFILL }},
1253 { &hf_x509af_revocationDate,
1254 { "revocationDate", "x509af.revocationDate",
1255 FT_UINT32, BASE_DEC, VALS(x509af_Time_vals), 0,
1256 "Time", HFILL }},
1257 { &hf_x509af_crlEntryExtensions,
1258 { "crlEntryExtensions", "x509af.crlEntryExtensions",
1259 FT_UINT32, BASE_DEC, NULL, 0,
1260 "Extensions", HFILL }},
1261 { &hf_x509af_crlExtensions,
1262 { "crlExtensions", "x509af.crlExtensions",
1263 FT_UINT32, BASE_DEC, NULL, 0,
1264 "Extensions", HFILL }},
1265 { &hf_x509af_attributeCertificate,
1266 { "attributeCertificate", "x509af.attributeCertificate_element",
1267 FT_NONE, BASE_NONE, NULL, 0,
1268 NULL, HFILL }},
1269 { &hf_x509af_acPath,
1270 { "acPath", "x509af.acPath",
1271 FT_UINT32, BASE_DEC, NULL, 0,
1272 "SEQUENCE_OF_ACPathData", HFILL }},
1273 { &hf_x509af_acPath_item,
1274 { "ACPathData", "x509af.ACPathData_element",
1275 FT_NONE, BASE_NONE, NULL, 0,
1276 NULL, HFILL }},
1277 { &hf_x509af_certificate,
1278 { "certificate", "x509af.certificate_element",
1279 FT_NONE, BASE_NONE, NULL, 0,
1280 NULL, HFILL }},
1281 { &hf_x509af_signedAttributeCertificateInfo,
1282 { "signedAttributeCertificateInfo", "x509af.signedAttributeCertificateInfo_element",
1283 FT_NONE, BASE_NONE, NULL, 0,
1284 "AttributeCertificateInfo", HFILL }},
1285 { &hf_x509af_info_subject,
1286 { "subject", "x509af.info_subject",
1287 FT_UINT32, BASE_DEC, VALS(x509af_InfoSubject_vals), 0,
1288 "InfoSubject", HFILL }},
1289 { &hf_x509af_baseCertificateID,
1290 { "baseCertificateID", "x509af.baseCertificateID_element",
1291 FT_NONE, BASE_NONE, NULL, 0,
1292 "IssuerSerial", HFILL }},
1293 { &hf_x509af_infoSubjectName,
1294 { "subjectName", "x509af.infoSubjectName",
1295 FT_UINT32, BASE_DEC, NULL, 0,
1296 "GeneralNames", HFILL }},
1297 { &hf_x509af_issuerName,
1298 { "issuer", "x509af.issuerName",
1299 FT_UINT32, BASE_DEC, NULL, 0,
1300 "GeneralNames", HFILL }},
1301 { &hf_x509af_attCertValidityPeriod,
1302 { "attCertValidityPeriod", "x509af.attCertValidityPeriod_element",
1303 FT_NONE, BASE_NONE, NULL, 0,
1304 NULL, HFILL }},
1305 { &hf_x509af_attributes,
1306 { "attributes", "x509af.attributes",
1307 FT_UINT32, BASE_DEC, NULL, 0,
1308 "SEQUENCE_OF_Attribute", HFILL }},
1309 { &hf_x509af_attributes_item,
1310 { "Attribute", "x509af.Attribute_element",
1311 FT_NONE, BASE_NONE, NULL, 0,
1312 NULL, HFILL }},
1313 { &hf_x509af_issuerUniqueID,
1314 { "issuerUniqueID", "x509af.issuerUniqueID",
1315 FT_BYTES, BASE_NONE, NULL, 0,
1316 "UniqueIdentifier", HFILL }},
1317 { &hf_x509af_serial,
1318 { "serial", "x509af.serial",
1319 FT_BYTES, BASE_NONE, NULL, 0,
1320 "CertificateSerialNumber", HFILL }},
1321 { &hf_x509af_issuerUID,
1322 { "issuerUID", "x509af.issuerUID",
1323 FT_BYTES, BASE_NONE, NULL, 0,
1324 "UniqueIdentifier", HFILL }},
1325 { &hf_x509af_notBeforeTime,
1326 { "notBeforeTime", "x509af.notBeforeTime",
1327 FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0,
1328 "GeneralizedTime", HFILL }},
1329 { &hf_x509af_notAfterTime,
1330 { "notAfterTime", "x509af.notAfterTime",
1331 FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0,
1332 "GeneralizedTime", HFILL }},
1333 { &hf_x509af_assertion_subject,
1334 { "subject", "x509af.assertion_subject",
1335 FT_UINT32, BASE_DEC, VALS(x509af_AssertionSubject_vals), 0,
1336 "AssertionSubject", HFILL }},
1337 { &hf_x509af_assertionSubjectName,
1338 { "subjectName", "x509af.assertionSubjectName",
1339 FT_UINT32, BASE_DEC, VALS(x509af_SubjectName_vals), 0,
1340 NULL, HFILL }},
1341 { &hf_x509af_assertionIssuer,
1342 { "issuer", "x509af.assertionIssuer",
1343 FT_UINT32, BASE_DEC, VALS(x509if_Name_vals), 0,
1344 "Name", HFILL }},
1345 { &hf_x509af_attCertValidity,
1346 { "attCertValidity", "x509af.attCertValidity",
1347 FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0,
1348 "GeneralizedTime", HFILL }},
1349 { &hf_x509af_attType,
1350 { "attType", "x509af.attType",
1351 FT_UINT32, BASE_DEC, NULL, 0,
1352 "SET_OF_AttributeType", HFILL }},
1353 { &hf_x509af_attType_item,
1354 { "AttributeType", "x509af.AttributeType",
1355 FT_OID, BASE_NONE, NULL, 0,
1356 NULL, HFILL }},
1357 { &hf_x509af_p,
1358 { "p", "x509af.p",
1359 FT_BYTES, BASE_NONE, NULL, 0,
1360 "INTEGER", HFILL }},
1361 { &hf_x509af_q,
1362 { "q", "x509af.q",
1363 FT_BYTES, BASE_NONE, NULL, 0,
1364 "INTEGER", HFILL }},
1365 { &hf_x509af_g,
1366 { "g", "x509af.g",
1367 FT_BYTES, BASE_NONE, NULL, 0,
1368 "INTEGER", HFILL }},
1369 };
1370
1371 /* List of subtrees */
1372 static int *ett[] = {
1373 &ett_pkix_crl,
1374 &ett_x509af_Certificate,
1375 &ett_x509af_T_signedCertificate,
1376 &ett_x509af_SubjectName,
1377 &ett_x509af_AlgorithmIdentifier,
1378 &ett_x509af_Validity,
1379 &ett_x509af_SubjectPublicKeyInfo,
1380 &ett_x509af_Time,
1381 &ett_x509af_Extensions,
1382 &ett_x509af_Extension,
1383 &ett_x509af_Certificates,
1384 &ett_x509af_ForwardCertificationPath,
1385 &ett_x509af_CrossCertificates,
1386 &ett_x509af_CertificationPath,
1387 &ett_x509af_SEQUENCE_OF_CertificatePair,
1388 &ett_x509af_CertificatePair,
1389 &ett_x509af_CertificateList,
1390 &ett_x509af_T_signedCertificateList,
1391 &ett_x509af_T_revokedCertificates,
1392 &ett_x509af_T_revokedCertificates_item,
1393 &ett_x509af_AttributeCertificationPath,
1394 &ett_x509af_SEQUENCE_OF_ACPathData,
1395 &ett_x509af_ACPathData,
1396 &ett_x509af_AttributeCertificate,
1397 &ett_x509af_AttributeCertificateInfo,
1398 &ett_x509af_InfoSubject,
1399 &ett_x509af_SEQUENCE_OF_Attribute,
1400 &ett_x509af_IssuerSerial,
1401 &ett_x509af_AttCertValidityPeriod,
1402 &ett_x509af_AttributeCertificateAssertion,
1403 &ett_x509af_AssertionSubject,
1404 &ett_x509af_SET_OF_AttributeType,
1405 &ett_x509af_DSS_Params,
1406 };
1407
1408 /* Register protocol */
1409 proto_x509af = proto_register_protocol(PNAME, PSNAME, PFNAME);
1410
1411 /* Register fields and subtrees */
1412 proto_register_field_array(proto_x509af, hf, array_length(hf));
1413 proto_register_subtree_array(ett, array_length(ett));
1414
1415 x509af_eo_tap = register_export_object(proto_x509af, x509af_eo_packet, NULL);
1416
1417 register_cleanup_routine(&x509af_cleanup_protocol);
1418
1419 pkix_crl_handle = register_dissector(PFNAME, dissect_pkix_crl, proto_x509af);
1420
1421 register_ber_syntax_dissector("Certificate", proto_x509af, dissect_x509af_Certificate_PDU);
1422 register_ber_syntax_dissector("CertificateList", proto_x509af, dissect_CertificateList_PDU);
1423 register_ber_syntax_dissector("CrossCertificatePair", proto_x509af, dissect_CertificatePair_PDU);
1424
1425 register_ber_oid_syntax(".cer", NULL, "Certificate");
1426 register_ber_oid_syntax(".crt", NULL, "Certificate");
1427 register_ber_oid_syntax(".crl", NULL, "CertificateList");
1428 }
1429
1430
1431 /*--- proto_reg_handoff_x509af -------------------------------------------*/
1432 void proto_reg_handoff_x509af(void) {
1433
1434 dissector_add_string("media_type", "application/pkix-crl", pkix_crl_handle);
1435
1436 register_ber_oid_dissector("2.5.4.36", dissect_x509af_Certificate_PDU, proto_x509af, "id-at-userCertificate");
1437 register_ber_oid_dissector("2.5.4.37", dissect_x509af_Certificate_PDU, proto_x509af, "id-at-cAcertificate");
1438 register_ber_oid_dissector("2.5.4.38", dissect_CertificateList_PDU, proto_x509af, "id-at-authorityRevocationList");
1439 register_ber_oid_dissector("2.5.4.39", dissect_CertificateList_PDU, proto_x509af, "id-at-certificateRevocationList");
1440 register_ber_oid_dissector("2.5.4.40", dissect_CertificatePair_PDU, proto_x509af, "id-at-crossCertificatePair");
1441 register_ber_oid_dissector("2.5.4.53", dissect_CertificateList_PDU, proto_x509af, "id-at-deltaRevocationList");
1442 register_ber_oid_dissector("2.5.4.58", dissect_AttributeCertificate_PDU, proto_x509af, "id-at-attributeCertificate");
1443 register_ber_oid_dissector("2.5.4.59", dissect_CertificateList_PDU, proto_x509af, "id-at-attributeCertificateRevocationList");
1444 register_ber_oid_dissector("1.2.840.10040.4.1", dissect_DSS_Params_PDU, proto_x509af, "id-dsa");
1445 register_ber_oid_dissector("0.9.2342.19200300.100.1.1", dissect_Userid_PDU, proto_x509af, "id-userid");
1446
1447
1448 /*XXX these should really go to a better place but since
1449 I have not that ITU standard, I'll put it here for the time
1450 being.
1451 Only implemented those algorithms that take no parameters
1452 for the time being, ronnie
1453 */
1454 /* from http://www.alvestrand.no/objectid/1.3.14.3.2.html */
1455 register_ber_oid_dissector("1.3.14.3.2.2", dissect_ber_oid_NULL_callback, proto_x509af, "md4WithRSA");
1456 register_ber_oid_dissector("1.3.14.3.2.3", dissect_ber_oid_NULL_callback, proto_x509af, "md5WithRSA");
1457 register_ber_oid_dissector("1.3.14.3.2.4", dissect_ber_oid_NULL_callback, proto_x509af, "md4WithRSAEncryption");
1458 register_ber_oid_dissector("1.3.14.3.2.6", dissect_ber_oid_NULL_callback, proto_x509af, "desECB");
1459 register_ber_oid_dissector("1.3.14.3.2.11", dissect_ber_oid_NULL_callback, proto_x509af, "rsaSignature");
1460 register_ber_oid_dissector("1.3.14.3.2.14", dissect_ber_oid_NULL_callback, proto_x509af, "mdc2WithRSASignature");
1461 register_ber_oid_dissector("1.3.14.3.2.15", dissect_ber_oid_NULL_callback, proto_x509af, "shaWithRSASignature");
1462 register_ber_oid_dissector("1.3.14.3.2.16", dissect_ber_oid_NULL_callback, proto_x509af, "dhWithCommonModulus");
1463 register_ber_oid_dissector("1.3.14.3.2.17", dissect_ber_oid_NULL_callback, proto_x509af, "desEDE");
1464 register_ber_oid_dissector("1.3.14.3.2.18", dissect_ber_oid_NULL_callback, proto_x509af, "sha");
1465 register_ber_oid_dissector("1.3.14.3.2.19", dissect_ber_oid_NULL_callback, proto_x509af, "mdc-2");
1466 register_ber_oid_dissector("1.3.14.3.2.20", dissect_ber_oid_NULL_callback, proto_x509af, "dsaCommon");
1467 register_ber_oid_dissector("1.3.14.3.2.21", dissect_ber_oid_NULL_callback, proto_x509af, "dsaCommonWithSHA");
1468 register_ber_oid_dissector("1.3.14.3.2.22", dissect_ber_oid_NULL_callback, proto_x509af, "rsaKeyTransport");
1469 register_ber_oid_dissector("1.3.14.3.2.23", dissect_ber_oid_NULL_callback, proto_x509af, "keyed-hash-seal");
1470 register_ber_oid_dissector("1.3.14.3.2.24", dissect_ber_oid_NULL_callback, proto_x509af, "md2WithRSASignature");
1471 register_ber_oid_dissector("1.3.14.3.2.25", dissect_ber_oid_NULL_callback, proto_x509af, "md5WithRSASignature");
1472 register_ber_oid_dissector("1.3.14.3.2.26", dissect_ber_oid_NULL_callback, proto_x509af, "SHA-1");
1473 register_ber_oid_dissector("1.3.14.3.2.27", dissect_ber_oid_NULL_callback, proto_x509af, "dsaWithSHA1");
1474 register_ber_oid_dissector("1.3.14.3.2.28", dissect_ber_oid_NULL_callback, proto_x509af, "dsaWithCommonSHA1");
1475 register_ber_oid_dissector("1.3.14.3.2.29", dissect_ber_oid_NULL_callback, proto_x509af, "sha-1WithRSAEncryption");
1476
1477 /* these will generally be encoded as ";binary" in LDAP */
1478
1479 dissector_add_string("ldap.name", "cACertificate", create_dissector_handle(dissect_x509af_Certificate_PDU, proto_x509af));
1480 dissector_add_string("ldap.name", "userCertificate", create_dissector_handle(dissect_x509af_Certificate_PDU, proto_x509af));
1481
1482 dissector_add_string("ldap.name", "certificateRevocationList", create_dissector_handle(dissect_CertificateList_PDU, proto_x509af));
1483 dissector_add_string("ldap.name", "crl", create_dissector_handle(dissect_CertificateList_PDU, proto_x509af));
1484
1485 dissector_add_string("ldap.name", "authorityRevocationList", create_dissector_handle(dissect_CertificateList_PDU, proto_x509af));
1486 dissector_add_string("ldap.name", "arl", create_dissector_handle(dissect_CertificateList_PDU, proto_x509af));
1487
1488 dissector_add_string("ldap.name", "crossCertificatePair", create_dissector_handle(dissect_CertificatePair_PDU, proto_x509af));
1489
1490 /* RFC 7468 files */
1491 dissector_add_string("rfc7468.preeb_label", "CERTIFICATE", create_dissector_handle(dissect_x509af_Certificate_PDU, proto_x509af));
1492 dissector_add_string("rfc7468.preeb_label", "X509 CRL", create_dissector_handle(dissect_CertificateList_PDU, proto_x509af));
1493 dissector_add_string("rfc7468.preeb_label", "ATTRIBUTE CERTIFICATE", create_dissector_handle(dissect_AttributeCertificate_PDU, proto_x509af));
1494 dissector_add_string("rfc7468.preeb_label", "PUBLIC KEY", create_dissector_handle(dissect_SubjectPublicKeyInfo_PDU, proto_x509af));
1495 }
Metzes wireshark repo