diff options
author | Martin Kaiser <wireshark@kaiser.cx> | 2013-12-31 14:20:08 +0000 |
---|---|---|
committer | Martin Kaiser <wireshark@kaiser.cx> | 2013-12-31 14:20:08 +0000 |
commit | 43e892e985fb8e01d7422886a4a88e0e8d69422e (patch) | |
tree | 6b6b1942a196b87aa984e422a092c23317c7bcd8 | |
parent | fc15329e6a33ddd7550b9fb76bcbc5b814bb7e37 (diff) | |
download | wireshark-43e892e985fb8e01d7422886a4a88e0e8d69422e.tar.gz |
From Dirk
dissector for Novell's PKIS certificate extensions
from me
clean up the $Id$ tags
remove packet-pkis(-template).h
remove ASN.1 definitions that cause compiler warnings
(OID, SecurityLabelType2)
move the dissector to the clean ASN.1 dissectors
support CMake build
change the name to novell_pkis
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9597
svn path=/trunk/; revision=54508
-rw-r--r-- | asn1/CMakeLists.txt | 1 | ||||
-rw-r--r-- | asn1/Makefile.am | 1 | ||||
-rw-r--r-- | asn1/Makefile.nmake | 1 | ||||
-rw-r--r-- | asn1/novell_pkis/CMakeLists.txt | 47 | ||||
-rw-r--r-- | asn1/novell_pkis/Makefile.am | 23 | ||||
-rw-r--r-- | asn1/novell_pkis/Makefile.common | 37 | ||||
-rw-r--r-- | asn1/novell_pkis/Makefile.nmake | 26 | ||||
-rw-r--r-- | asn1/novell_pkis/novell_pkis.asn | 283 | ||||
-rw-r--r-- | asn1/novell_pkis/novell_pkis.cnf | 22 | ||||
-rw-r--r-- | asn1/novell_pkis/packet-novell_pkis-template.c | 66 | ||||
-rw-r--r-- | configure.ac | 1 | ||||
-rw-r--r-- | epan/CMakeLists.txt | 1 | ||||
-rw-r--r-- | epan/dissectors/Makefile.common | 1 | ||||
-rw-r--r-- | epan/dissectors/packet-novell_pkis.c | 752 |
14 files changed, 1262 insertions, 0 deletions
diff --git a/asn1/CMakeLists.txt b/asn1/CMakeLists.txt index 8a519a9508..dc86af264b 100644 --- a/asn1/CMakeLists.txt +++ b/asn1/CMakeLists.txt @@ -79,6 +79,7 @@ set(ASN1_SRC_DIRS mpeg-pes nbap ns_cert_exts + novell_pkis ocsp p1 p22 diff --git a/asn1/Makefile.am b/asn1/Makefile.am index 238c845144..0f62fe351d 100644 --- a/asn1/Makefile.am +++ b/asn1/Makefile.am @@ -80,6 +80,7 @@ SUBDIRS = \ mpeg-audio \ mpeg-pes \ nbap \ + novell_pkis \ ns_cert_exts \ ocsp \ p1 \ diff --git a/asn1/Makefile.nmake b/asn1/Makefile.nmake index 1ab5f69239..213adbd2e9 100644 --- a/asn1/Makefile.nmake +++ b/asn1/Makefile.nmake @@ -78,6 +78,7 @@ BER_LIST= \ logotypecertextn \ mms \ ns_cert_exts \ + novell_pkis \ ocsp \ p1 \ p22 \ diff --git a/asn1/novell_pkis/CMakeLists.txt b/asn1/novell_pkis/CMakeLists.txt new file mode 100644 index 0000000000..2895aefc36 --- /dev/null +++ b/asn1/novell_pkis/CMakeLists.txt @@ -0,0 +1,47 @@ +# CMakeLists.txt +# +# $Id$ +# +# Wireshark - Network traffic analyzer +# By Gerald Combs <gerald@wireshark.org> +# Copyright 1998 Gerald Combs +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# + +set( PROTOCOL_NAME novell_pkis ) + +set( EXT_ASN_FILE_LIST +) + +set( ASN_FILE_LIST + ${EXT_ASN_FILE_LIST} + ${PROTOCOL_NAME}.asn +) + +set( EXTRA_DIST + ${ASN_FILE_LIST} + packet-${PROTOCOL_NAME}-template.c + ${PROTOCOL_NAME}.cnf +) + +set( SRC_FILES + ${EXTRA_DIST} + ${EXT_ASN_FILE_LIST} +) + +set( A2W_FLAGS -b -u ) + +ASN2WRS() diff --git a/asn1/novell_pkis/Makefile.am b/asn1/novell_pkis/Makefile.am new file mode 100644 index 0000000000..ff76388193 --- /dev/null +++ b/asn1/novell_pkis/Makefile.am @@ -0,0 +1,23 @@ +# $Id$ +# +# Wireshark - Network traffic analyzer +# By Gerald Combs <gerald@wireshark.org> +# Copyright 1998 Gerald Combs +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +include ../Makefile.preinc +include Makefile.common +include ../Makefile.inc diff --git a/asn1/novell_pkis/Makefile.common b/asn1/novell_pkis/Makefile.common new file mode 100644 index 0000000000..5ab18b1203 --- /dev/null +++ b/asn1/novell_pkis/Makefile.common @@ -0,0 +1,37 @@ +# $Id$ +# +# Wireshark - Network traffic analyzer +# By Gerald Combs <gerald@wireshark.org> +# Copyright 1998 Gerald Combs +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +PROTOCOL_NAME=novell_pkis + +EXT_ASN_FILE_LIST = +ASN_FILE_LIST = $(PROTOCOL_NAME).asn + +EXTRA_DIST = \ + Makefile.nmake \ + $(ASN_FILE_LIST) \ + packet-$(PROTOCOL_NAME)-template.c \ + $(PROTOCOL_NAME).cnf + +SRC_FILES = \ + $(EXTRA_DIST) \ + $(EXT_ASN_FILE_LIST) \ + $(ASN_FILE_LIST) + +A2W_FLAGS = -b -u diff --git a/asn1/novell_pkis/Makefile.nmake b/asn1/novell_pkis/Makefile.nmake new file mode 100644 index 0000000000..ce532ca797 --- /dev/null +++ b/asn1/novell_pkis/Makefile.nmake @@ -0,0 +1,26 @@ +## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake +# +# $Id$ +# +# Wireshark - Network traffic analyzer +# By Gerald Combs <gerald@wireshark.org> +# Copyright 1998 Gerald Combs +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +include ../../config.nmake +include ../Makefile.preinc.nmake +include Makefile.common +include ../Makefile.inc.nmake diff --git a/asn1/novell_pkis/novell_pkis.asn b/asn1/novell_pkis/novell_pkis.asn new file mode 100644 index 0000000000..fff6c8a9ad --- /dev/null +++ b/asn1/novell_pkis/novell_pkis.asn @@ -0,0 +1,283 @@ +-- from pkisv10.pdf +-- you can find this document at https://web.archive.org/web/19990224174228/http://www.developer.novell.com/repository/attributes/certattrs_v10.htm + +PKIS { joint-iso-ccitt(2) country(16) us(840) organization(1) novell (113719) } DEFINITIONS IMPLICIT TAGS ::= +BEGIN + +-- ASN.1 Definition of Useful Attributes + +-- The following are useful Novell OIDs, etc. +novell OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) country(16) us(840) organization(1) novell (113719)} +applications OBJECT IDENTIFIER ::= {novell applications(1) } +pki OBJECT IDENTIFIER ::= {applications pki(9) } +pkiAttributeType OBJECT IDENTIFIER ::= {pki at(4) } +pkiAttributeSyntax OBJECT IDENTIFIER ::= {pki at(5) } +pkiObjectClass OBJECT IDENTIFIER ::= {pki at(6) } + +-- The following unique PKI attributes are hereby defined under the novell applications pki arc: +pa-sa OBJECT IDENTIFIER ::= { pkiAttributeType (1) } + -- securityAttributes + -- 2.16.840.113719.1.9.4.1 + +pa-rl OBJECT IDENTIFIER ::= { pkiAttributeType (2) } + -- relianceLimit + -- 2.16.840.113719.1.9.4.2 + +SecurityAttributes ::= SEQUENCE { + versionNumber OCTET STRING (SIZE (2)), + -- The initial value should be (01 00) + -- The first octet is the major version, + -- the second octet is the minor version number. + nSI BOOLEAN (TRUE), + -- NSI = “Nonverified Subscriber Information” + -- If FALSE, it means that the CA issuing + -- a certificate HAS verified the validity + -- of ALL of the values contained + -- within the Novell Security Attributes + -- using appropriate means as defined + -- for example in their Certificate Policy + -- and/or Certificate Practice Statement + -- If TRUE, it means that the subscriber + -- requesting the certificate has represented + -- to the CA that the extension defined + -- is valid and correct, but that the CA + -- has not independently validated the accuracy + -- of the attribute. Note that in no case may + -- the CA issue a certificate containing an + -- extension which it has reason to + -- believe is not accurate at the time of + -- issuance, except for test certificates + -- which are identified as such in the + -- Certificate class attribute (by setting + -- the certificateValid flag to FALSE.) + securityTM PrintableString ("Novell Security Attribute(tm)"), + -- Note: Since the “Novell Security + -- Attribute(tm)” string is trademarked, if + -- it is displayed visually to the user it + -- must be presented exactly as shown, + -- in English, even in non-English + -- implementations. A translation of the + -- phrase may be displayed to the user + -- in addition, if desired. + -- Vendors who license the use of the term + -- must agree to check for the presence of + -- this string in any attribute defined (by its + -- OID) as a Novell Security attribute + uriReference IA5String, + -- The initial value should be set to (“http://developer.novell.com/repository/attributes/certattrs_v10.htm”), + -- This attribute will be included in all + -- NICI and PKIS certificates. + -- Novell will maintain a copy of this + -- document or other suitable definition + -- at that location. + gLBExtensions GLBExtensions +} + +GLBExtensions::=SEQUENCE{ + -- These are the extensions over which the + -- Greatest Lower Bound is computed within NICI. + keyQuality [0] IMPLICIT KeyQuality, + cryptoProcessQuality [1] IMPLICIT CryptoProcessQuality, + certificateClass [2] IMPLICIT CertificateClass, + enterpriseId [3] IMPLICIT EnterpriseId +} + +-- ASN.1 Definitions of Key Quality and Crypto Process Quality Attributes: +KeyQuality ::= Quality +CryptoProcessQuality ::= Quality + +Quality ::= SEQUENCE { + enforceQuality BOOLEAN, + -- If TRUE, the explicit attributes compusecQuality, + -- cryptoQuality, and keyStorageQuality, plus the + -- implicit attributes algorithmType and keyLength + -- are either enforced at all times, or a dynamic low + -- water mark (Greatest Lower Bound)may be maintained. + -- I.e., if enforceQuality is TRUE for the + -- keyQuality attribute, the key must never be + -- allowed to be transported to and/or used on any + -- platform that does not meet the minimum + -- criteria, and hence enforceQuality must be TRUE for + -- the cryptoProcessQuality as well + -- If enforceQuality is FALSE for keyQuality, but + -- TRUE for cryptoProcessQuality, then the + -- operating system has not enforced the criteria + -- in any technical sense, but the subscriber + -- is nonetheless representing that the minimum + -- criteria will be maintained, + -- e.g., by manual or procedural controls. + -- For PKIS and NICI versions 1.0, enforceQuality + -- must be set to FALSE in the keyQuality attribute. + compusecQuality CompusecQuality, + cryptoQuality CryptoQuality, + keyStorageQuality INTEGER (0..255) -- See definitions in Appendix C +} + +CompusecQuality ::= SEQUENCE SIZE (1..1) + OF CompusecQualityPair + -- Multiple pairs of {Criteria, Rating} are allowed + -- In the first release, only one pair(TCSEC criteria)is provided + +CompusecQualityPair ::= SEQUENCE { + compusecCriteria INTEGER(0..255), + -- The default should be 1, but DEFAULT implies OPTIONAL, which + -- is not the intent. So the value has to be coded explicitly. + -- 0= Reserved (encoding error) + -- 1= Trusted Computer Security Evaluation Criteria (TCSEC) + -- 2= International Trusted Security Evaluation Criteria (ITSEC) + -- 3= Common Criteria + -- all others reserved + compusecRating INTEGER (0..255) + -- the compusecRating is in accordance with the specified + -- compusecCriteria for each pair in the sequence + -- Defined values for ratings for components and systems formally + -- evaluated in accordance with the Trusted Computer Security + -- Evaluation Criteria and the Trusted Network Interpretation + -- (Red Book) are provided in Appendix A. +} + +CryptoQuality ::= SEQUENCE SIZE (1..1) + OF CryptoQualityPair + -- Multiple pairs of {Criteria, Rating} are allowed. + -- In the initial release, only one pair is provided. + +CryptoQualityPair ::= SEQUENCE { + cryptoModuleCriteria INTEGER(0..255), + -- The default should be 1, but DEFAULT implies OPTIONAL, which + -- is not the intent. So the value has to be coded explicitly. + -- 1 = FIPS 140-1 + -- all others reserved + cryptoModuleRating INTEGER (0..255) + -- the cryptoModuleRating value is in accordance with + -- the specified cryptoModuleCriteria for each pair + -- FIPS 140-1 ratings definitions: + -- 0 = Reserved (encoding error) + -- 1 = unevaluated/unknown, + -- all others—see Appendix B +} + +-- ASN.1 Definition of Certificate Class Attribute: + +CertificateClass ::= SEQUENCE { + classValue INTEGER (0..255), + -- Defined class values are contained in Appendix C + certificateValid BOOLEAN + -- The default should be true, but DEFAULT is OPTIONAL + -- which would make the GLB computation awkward. + -- See Section 5 and the footnote for a discussion. +} + +-- ASN.1 Definition of Enterprise Identifier Attribute: + +EnterpriseId ::= SEQUENCE { + rootLabel [0] IMPLICIT SecurityLabelType1, + registryLabel [1] IMPLICIT SecurityLabelType1, + enterpriseLabel [2] IMPLICIT SEQUENCE SIZE (1..1) OF SecurityLabelType1 +} + +SecurityLabelType1 ::= SEQUENCE { + labelType1 INTEGER (0..255), + -- The default should be 2, but DEFAULT implies OPTIONAL, which + -- is not the intent. So the value has to be coded explicitly. + -- Note that the label type for Version 1 + -- of Graded Authentication is 0 or 1. + -- Byte sizes and reserved fields are omitted, + -- because they are derivable from the ASN.1. + secrecyLevel1 INTEGER (0..255), + -- The default should be 0, but DEFAULT implies OPTIONAL, which + -- is not the intent. So the value has to be coded explicitly. + -- 0 = low secrecy, 255 = high secrecy + -- It seems highly unlikely anyone would ever + -- need more than 255 secrecy levels + integrityLevel1 INTEGER (0..255), + -- The default should be 0, but DEFAULT implies OPTIONAL, which + -- is not the intent. So the value has to be coded explicitly. + -- NOTE! 255 = low integrity, 0 = high integrity! + -- It seems highly unlikely anyone would ever + -- need more than 255 integrity levels + secrecyCategories1 BIT STRING (SIZE(96)), + -- The default should be FALSE, but DEFAULT implies OPTIONAL, + -- which is not the intent. So the value has to be coded + -- explicitly. + -- 96 secrecy categories, 0 origin indexing + integrityCategories1 BIT STRING (SIZE(64)), + -- The default should be FALSE, but DEFAULT implies OPTIONAL, + -- which is not the intent. So the value has to be coded + -- explicitly. + -- 64 integrity categories, 0 origin indexing + secrecySingletons1 Singletons, + integritySingletons1 Singletons +} + +-- (removed the unused definition of SecurityLabelType2) + +Singletons ::= SEQUENCE SIZE (1..16) OF SingletonChoice + -- Presently up to 16 singletons or singleton ranges + -- can be defined within one security label. This + -- is completely arbitrary and can be easily changed, + -- but it seems reasonable. Note that no more space + -- is taken in the ASN.1 DER encoding than is actually + -- required. + +SingletonChoice ::= CHOICE { + uniqueSingleton INTEGER (0..9223372036854775807), + -- The implied value of the singleton being + -- specified in this case is TRUE. + -- Note that there isn’t any way to set a + -- singleton value to FALSE, except by using the + -- SingletonRange functions with identical lower + -- and upper bounds. + singletonRange SingletonRange +} + +SingletonRange ::= SEQUENCE { + singletonLowerBound INTEGER (0..9223372036854775807), + -- The default should be 0, but DEFAULT implies OPTIONAL, + -- which is not the intent. So the value has to be coded + -- explicitly. + -- Lower bound of a range of singletons + -- to be set to the singletonValue specified + + singletonUpperBound INTEGER (0..9223372036854775807), + -- The default should be 9223372036854775807, + -- but DEFAULT implies OPTIONAL, + -- which is not the intent. So the value has to be coded + -- explicitly. + -- Upper bound of a range of singletons + -- to be set to the singletonValue specified + singletonValue BOOLEAN + -- An entire range of singletons can be set to + -- either TRUE or FALSE. + -- Note that singletonRanges are allowed to overlap, + -- and in particular that a uniqueSingleton can + -- reset a singleton value already set by a + -- singletonRange, and vice versa. + -- The uniqueSingleton and singletonRanges are applied + -- consecutively, from the lower bound of SEQUENCE (1) + -- to the upper bound. +} + +-- ASN.1 Definition of Reliance Limit Attribute: + +-- relianceLimits EXTENSION ::= { SYNTAX RelianceLimits IDENTIFIED BY {pa-rl) } +-- 2.16.840.113719.1.9.4.2 + +RelianceLimits ::= SEQUENCE { + perTransactionLimit MonetaryValue, + perCertificateLimit MonetaryValue +} + +MonetaryValue ::= SEQUENCE { -- from SET and draft ANSI X9.45 + currency Currency, + amount INTEGER, -- value is amount * (10 ** amtExp10), an exact representation + amtExp10 INTEGER +} + +Currency ::= INTEGER (1..999) +-- currency denomination from ISO 4217 +-- cf. Appendix E for the numeric currency codes and their +-- alphabetic (display) equivalents. +-- US Dollar (USD) is 840. +-- Euro (EUR) is 978. + +END diff --git a/asn1/novell_pkis/novell_pkis.cnf b/asn1/novell_pkis/novell_pkis.cnf new file mode 100644 index 0000000000..c173f2dd4a --- /dev/null +++ b/asn1/novell_pkis/novell_pkis.cnf @@ -0,0 +1,22 @@ +# pkis.cnf + +# $Id$ + +#.MODULE_IMPORT + +#.EXPORTS + +#.REGISTER +SecurityAttributes B "2.16.840.1.113719.1.9.4.1" "pa-sa" +RelianceLimits B "2.16.840.1.113719.1.9.4.2" "pa-rl" + +#.PDU +# PKIS-MESSAGE + +#.NO_EMIT + +#.TYPE_RENAME + +#.FIELD_RENAME + +#.END diff --git a/asn1/novell_pkis/packet-novell_pkis-template.c b/asn1/novell_pkis/packet-novell_pkis-template.c new file mode 100644 index 0000000000..c0192c5f33 --- /dev/null +++ b/asn1/novell_pkis/packet-novell_pkis-template.c @@ -0,0 +1,66 @@ +/* packet-novell_pkis.c + * + * $Id$ + * + * Wireshark - Network traffic analyzer + * By Gerald Combs <gerald@wireshark.org> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "config.h" + +#include <glib.h> +#include <epan/expert.h> +#include <epan/packet.h> +#include <epan/prefs.h> +#include <epan/oids.h> +#include <epan/conversation.h> +#include <epan/asn1.h> + +#include <stdio.h> +#include <string.h> + +#include <epan/dissectors/packet-per.h> +#include "packet-ber.h" + +#include "packet-novell_pkis-hf.c" +#include "packet-novell_pkis-ett.c" +#include "packet-novell_pkis-fn.c" + +static int proto_novell_pkis = -1; + +void proto_reg_handoff_novell_pkis(void) +{ +#include "packet-novell_pkis-dis-tab.c" +} + +void proto_register_novell_pkis (void) +{ + static hf_register_info hf[] = { +#include "packet-novell_pkis-hfarr.c" + }; + static gint *ett[] = { +#include "packet-novell_pkis-ettarr.c" + }; + + /* execute protocol initialization only once */ + if (proto_novell_pkis != -1) return; + + proto_novell_pkis = proto_register_protocol("Novell PKIS ASN.1 type", "novell_pkis", "novell_pkis"); + proto_register_field_array (proto_novell_pkis, hf, array_length (hf)); + proto_register_subtree_array (ett, array_length (ett)); +} diff --git a/configure.ac b/configure.ac index 5808cded2b..0a6fb01ec1 100644 --- a/configure.ac +++ b/configure.ac @@ -2801,6 +2801,7 @@ AC_OUTPUT( asn1/mpeg-pes/Makefile asn1/nbap/Makefile asn1/ns_cert_exts/Makefile + asn1/novell_pkis/Makefile asn1/ocsp/Makefile asn1/p1/Makefile asn1/p22/Makefile diff --git a/epan/CMakeLists.txt b/epan/CMakeLists.txt index 66a7cf4e4a..a6eec91399 100644 --- a/epan/CMakeLists.txt +++ b/epan/CMakeLists.txt @@ -237,6 +237,7 @@ set(ASN1_DISSECTOR_SRC dissectors/packet-mpeg-audio.c dissectors/packet-mpeg-pes.c dissectors/packet-nbap.c + dissectors/packet-novell_pkis.c dissectors/packet-ns_cert_exts.c dissectors/packet-ocsp.c dissectors/packet-p22.c diff --git a/epan/dissectors/Makefile.common b/epan/dissectors/Makefile.common index 4d3cac798d..d1ff9a1ca6 100644 --- a/epan/dissectors/Makefile.common +++ b/epan/dissectors/Makefile.common @@ -148,6 +148,7 @@ ASN1_DISSECTOR_SRC = \ packet-mpeg-audio.c \ packet-mpeg-pes.c \ packet-nbap.c \ + packet-novell_pkis.c \ packet-ns_cert_exts.c \ packet-ocsp.c \ packet-opsi.c \ diff --git a/epan/dissectors/packet-novell_pkis.c b/epan/dissectors/packet-novell_pkis.c new file mode 100644 index 0000000000..732a063d30 --- /dev/null +++ b/epan/dissectors/packet-novell_pkis.c @@ -0,0 +1,752 @@ +/* Do not modify this file. Changes will be overwritten. */ +/* Generated automatically by the ASN.1 to Wireshark dissector compiler */ +/* packet-novell_pkis.c */ +/* ../../tools/asn2wrs.py -b -u -p novell_pkis -c ./novell_pkis.cnf -s ./packet-novell_pkis-template -D . -O ../../epan/dissectors novell_pkis.asn */ + +/* Input file: packet-novell_pkis-template.c */ + +#line 1 "../../asn1/novell_pkis/packet-novell_pkis-template.c" +/* packet-novell_pkis.c + * + * $Id$ + * + * Wireshark - Network traffic analyzer + * By Gerald Combs <gerald@wireshark.org> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "config.h" + +#include <glib.h> +#include <epan/expert.h> +#include <epan/packet.h> +#include <epan/prefs.h> +#include <epan/oids.h> +#include <epan/conversation.h> +#include <epan/asn1.h> + +#include <stdio.h> +#include <string.h> + +#include <epan/dissectors/packet-per.h> +#include "packet-ber.h" + + +/*--- Included file: packet-novell_pkis-hf.c ---*/ +#line 1 "../../asn1/novell_pkis/packet-novell_pkis-hf.c" +static int hf_novell_pkis_SecurityAttributes_PDU = -1; /* SecurityAttributes */ +static int hf_novell_pkis_RelianceLimits_PDU = -1; /* RelianceLimits */ +static int hf_novell_pkis_versionNumber = -1; /* OCTET_STRING_SIZE_2 */ +static int hf_novell_pkis_nSI = -1; /* BOOLEAN */ +static int hf_novell_pkis_securityTM = -1; /* T_securityTM */ +static int hf_novell_pkis_uriReference = -1; /* IA5String */ +static int hf_novell_pkis_gLBExtensions = -1; /* GLBExtensions */ +static int hf_novell_pkis_keyQuality = -1; /* KeyQuality */ +static int hf_novell_pkis_cryptoProcessQuality = -1; /* CryptoProcessQuality */ +static int hf_novell_pkis_certificateClass = -1; /* CertificateClass */ +static int hf_novell_pkis_enterpriseId = -1; /* EnterpriseId */ +static int hf_novell_pkis_enforceQuality = -1; /* BOOLEAN */ +static int hf_novell_pkis_compusecQuality = -1; /* CompusecQuality */ +static int hf_novell_pkis_cryptoQuality = -1; /* CryptoQuality */ +static int hf_novell_pkis_keyStorageQuality = -1; /* INTEGER_0_255 */ +static int hf_novell_pkis_CompusecQuality_item = -1; /* CompusecQualityPair */ +static int hf_novell_pkis_compusecCriteria = -1; /* INTEGER_0_255 */ +static int hf_novell_pkis_compusecRating = -1; /* INTEGER_0_255 */ +static int hf_novell_pkis_CryptoQuality_item = -1; /* CryptoQualityPair */ +static int hf_novell_pkis_cryptoModuleCriteria = -1; /* INTEGER_0_255 */ +static int hf_novell_pkis_cryptoModuleRating = -1; /* INTEGER_0_255 */ +static int hf_novell_pkis_classValue = -1; /* INTEGER_0_255 */ +static int hf_novell_pkis_certificateValid = -1; /* BOOLEAN */ +static int hf_novell_pkis_rootLabel = -1; /* SecurityLabelType1 */ +static int hf_novell_pkis_registryLabel = -1; /* SecurityLabelType1 */ +static int hf_novell_pkis_enterpriseLabel = -1; /* SEQUENCE_SIZE_1_1_OF_SecurityLabelType1 */ +static int hf_novell_pkis_enterpriseLabel_item = -1; /* SecurityLabelType1 */ +static int hf_novell_pkis_labelType1 = -1; /* INTEGER_0_255 */ +static int hf_novell_pkis_secrecyLevel1 = -1; /* INTEGER_0_255 */ +static int hf_novell_pkis_integrityLevel1 = -1; /* INTEGER_0_255 */ +static int hf_novell_pkis_secrecyCategories1 = -1; /* BIT_STRING_SIZE_96 */ +static int hf_novell_pkis_integrityCategories1 = -1; /* BIT_STRING_SIZE_64 */ +static int hf_novell_pkis_secrecySingletons1 = -1; /* Singletons */ +static int hf_novell_pkis_integritySingletons1 = -1; /* Singletons */ +static int hf_novell_pkis_Singletons_item = -1; /* SingletonChoice */ +static int hf_novell_pkis_uniqueSingleton = -1; /* INTEGER_0_9223372036854775807 */ +static int hf_novell_pkis_singletonRange = -1; /* SingletonRange */ +static int hf_novell_pkis_singletonLowerBound = -1; /* INTEGER_0_9223372036854775807 */ +static int hf_novell_pkis_singletonUpperBound = -1; /* INTEGER_0_9223372036854775807 */ +static int hf_novell_pkis_singletonValue = -1; /* BOOLEAN */ +static int hf_novell_pkis_perTransactionLimit = -1; /* MonetaryValue */ +static int hf_novell_pkis_perCertificateLimit = -1; /* MonetaryValue */ +static int hf_novell_pkis_currency = -1; /* Currency */ +static int hf_novell_pkis_amount = -1; /* INTEGER */ +static int hf_novell_pkis_amtExp10 = -1; /* INTEGER */ + +/*--- End of included file: packet-novell_pkis-hf.c ---*/ +#line 41 "../../asn1/novell_pkis/packet-novell_pkis-template.c" + +/*--- Included file: packet-novell_pkis-ett.c ---*/ +#line 1 "../../asn1/novell_pkis/packet-novell_pkis-ett.c" +static gint ett_novell_pkis_SecurityAttributes = -1; +static gint ett_novell_pkis_GLBExtensions = -1; +static gint ett_novell_pkis_Quality = -1; +static gint ett_novell_pkis_CompusecQuality = -1; +static gint ett_novell_pkis_CompusecQualityPair = -1; +static gint ett_novell_pkis_CryptoQuality = -1; +static gint ett_novell_pkis_CryptoQualityPair = -1; +static gint ett_novell_pkis_CertificateClass = -1; +static gint ett_novell_pkis_EnterpriseId = -1; +static gint ett_novell_pkis_SEQUENCE_SIZE_1_1_OF_SecurityLabelType1 = -1; +static gint ett_novell_pkis_SecurityLabelType1 = -1; +static gint ett_novell_pkis_Singletons = -1; +static gint ett_novell_pkis_SingletonChoice = -1; +static gint ett_novell_pkis_SingletonRange = -1; +static gint ett_novell_pkis_RelianceLimits = -1; +static gint ett_novell_pkis_MonetaryValue = -1; + +/*--- End of included file: packet-novell_pkis-ett.c ---*/ +#line 42 "../../asn1/novell_pkis/packet-novell_pkis-template.c" + +/*--- Included file: packet-novell_pkis-fn.c ---*/ +#line 1 "../../asn1/novell_pkis/packet-novell_pkis-fn.c" + + +static int +dissect_novell_pkis_OCTET_STRING_SIZE_2(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index, + NULL); + + return offset; +} + + + +static int +dissect_novell_pkis_BOOLEAN(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_boolean(implicit_tag, actx, tree, tvb, offset, hf_index, NULL); + + return offset; +} + + + +static int +dissect_novell_pkis_T_securityTM(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_restricted_string(implicit_tag, BER_UNI_TAG_PrintableString, + actx, tree, tvb, offset, hf_index, + NULL); + + return offset; +} + + + +static int +dissect_novell_pkis_IA5String(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_restricted_string(implicit_tag, BER_UNI_TAG_IA5String, + actx, tree, tvb, offset, hf_index, + NULL); + + return offset; +} + + + +static int +dissect_novell_pkis_INTEGER_0_255(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index, + NULL); + + return offset; +} + + +static const ber_sequence_t CompusecQualityPair_sequence[] = { + { &hf_novell_pkis_compusecCriteria, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_INTEGER_0_255 }, + { &hf_novell_pkis_compusecRating, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_INTEGER_0_255 }, + { NULL, 0, 0, 0, NULL } +}; + +static int +dissect_novell_pkis_CompusecQualityPair(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset, + CompusecQualityPair_sequence, hf_index, ett_novell_pkis_CompusecQualityPair); + + return offset; +} + + +static const ber_sequence_t CompusecQuality_sequence_of[1] = { + { &hf_novell_pkis_CompusecQuality_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_CompusecQualityPair }, +}; + +static int +dissect_novell_pkis_CompusecQuality(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset, + CompusecQuality_sequence_of, hf_index, ett_novell_pkis_CompusecQuality); + + return offset; +} + + +static const ber_sequence_t CryptoQualityPair_sequence[] = { + { &hf_novell_pkis_cryptoModuleCriteria, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_INTEGER_0_255 }, + { &hf_novell_pkis_cryptoModuleRating, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_INTEGER_0_255 }, + { NULL, 0, 0, 0, NULL } +}; + +static int +dissect_novell_pkis_CryptoQualityPair(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset, + CryptoQualityPair_sequence, hf_index, ett_novell_pkis_CryptoQualityPair); + + return offset; +} + + +static const ber_sequence_t CryptoQuality_sequence_of[1] = { + { &hf_novell_pkis_CryptoQuality_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_CryptoQualityPair }, +}; + +static int +dissect_novell_pkis_CryptoQuality(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset, + CryptoQuality_sequence_of, hf_index, ett_novell_pkis_CryptoQuality); + + return offset; +} + + +static const ber_sequence_t Quality_sequence[] = { + { &hf_novell_pkis_enforceQuality, BER_CLASS_UNI, BER_UNI_TAG_BOOLEAN, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_BOOLEAN }, + { &hf_novell_pkis_compusecQuality, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_CompusecQuality }, + { &hf_novell_pkis_cryptoQuality, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_CryptoQuality }, + { &hf_novell_pkis_keyStorageQuality, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_INTEGER_0_255 }, + { NULL, 0, 0, 0, NULL } +}; + +static int +dissect_novell_pkis_Quality(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset, + Quality_sequence, hf_index, ett_novell_pkis_Quality); + + return offset; +} + + + +static int +dissect_novell_pkis_KeyQuality(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_novell_pkis_Quality(implicit_tag, tvb, offset, actx, tree, hf_index); + + return offset; +} + + + +static int +dissect_novell_pkis_CryptoProcessQuality(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_novell_pkis_Quality(implicit_tag, tvb, offset, actx, tree, hf_index); + + return offset; +} + + +static const ber_sequence_t CertificateClass_sequence[] = { + { &hf_novell_pkis_classValue, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_INTEGER_0_255 }, + { &hf_novell_pkis_certificateValid, BER_CLASS_UNI, BER_UNI_TAG_BOOLEAN, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_BOOLEAN }, + { NULL, 0, 0, 0, NULL } +}; + +static int +dissect_novell_pkis_CertificateClass(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset, + CertificateClass_sequence, hf_index, ett_novell_pkis_CertificateClass); + + return offset; +} + + + +static int +dissect_novell_pkis_BIT_STRING_SIZE_96(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_bitstring(implicit_tag, actx, tree, tvb, offset, + NULL, hf_index, -1, + NULL); + + return offset; +} + + + +static int +dissect_novell_pkis_BIT_STRING_SIZE_64(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_bitstring(implicit_tag, actx, tree, tvb, offset, + NULL, hf_index, -1, + NULL); + + return offset; +} + + + +static int +dissect_novell_pkis_INTEGER_0_9223372036854775807(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index, + NULL); + + return offset; +} + + +static const ber_sequence_t SingletonRange_sequence[] = { + { &hf_novell_pkis_singletonLowerBound, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_INTEGER_0_9223372036854775807 }, + { &hf_novell_pkis_singletonUpperBound, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_INTEGER_0_9223372036854775807 }, + { &hf_novell_pkis_singletonValue, BER_CLASS_UNI, BER_UNI_TAG_BOOLEAN, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_BOOLEAN }, + { NULL, 0, 0, 0, NULL } +}; + +static int +dissect_novell_pkis_SingletonRange(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset, + SingletonRange_sequence, hf_index, ett_novell_pkis_SingletonRange); + + return offset; +} + + +static const value_string novell_pkis_SingletonChoice_vals[] = { + { 0, "uniqueSingleton" }, + { 1, "singletonRange" }, + { 0, NULL } +}; + +static const ber_choice_t SingletonChoice_choice[] = { + { 0, &hf_novell_pkis_uniqueSingleton, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_INTEGER_0_9223372036854775807 }, + { 1, &hf_novell_pkis_singletonRange, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_SingletonRange }, + { 0, NULL, 0, 0, 0, NULL } +}; + +static int +dissect_novell_pkis_SingletonChoice(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_choice(actx, tree, tvb, offset, + SingletonChoice_choice, hf_index, ett_novell_pkis_SingletonChoice, + NULL); + + return offset; +} + + +static const ber_sequence_t Singletons_sequence_of[1] = { + { &hf_novell_pkis_Singletons_item, BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_novell_pkis_SingletonChoice }, +}; + +static int +dissect_novell_pkis_Singletons(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset, + Singletons_sequence_of, hf_index, ett_novell_pkis_Singletons); + + return offset; +} + + +static const ber_sequence_t SecurityLabelType1_sequence[] = { + { &hf_novell_pkis_labelType1, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_INTEGER_0_255 }, + { &hf_novell_pkis_secrecyLevel1, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_INTEGER_0_255 }, + { &hf_novell_pkis_integrityLevel1, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_INTEGER_0_255 }, + { &hf_novell_pkis_secrecyCategories1, BER_CLASS_UNI, BER_UNI_TAG_BITSTRING, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_BIT_STRING_SIZE_96 }, + { &hf_novell_pkis_integrityCategories1, BER_CLASS_UNI, BER_UNI_TAG_BITSTRING, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_BIT_STRING_SIZE_64 }, + { &hf_novell_pkis_secrecySingletons1, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_Singletons }, + { &hf_novell_pkis_integritySingletons1, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_Singletons }, + { NULL, 0, 0, 0, NULL } +}; + +static int +dissect_novell_pkis_SecurityLabelType1(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset, + SecurityLabelType1_sequence, hf_index, ett_novell_pkis_SecurityLabelType1); + + return offset; +} + + +static const ber_sequence_t SEQUENCE_SIZE_1_1_OF_SecurityLabelType1_sequence_of[1] = { + { &hf_novell_pkis_enterpriseLabel_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_SecurityLabelType1 }, +}; + +static int +dissect_novell_pkis_SEQUENCE_SIZE_1_1_OF_SecurityLabelType1(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset, + SEQUENCE_SIZE_1_1_OF_SecurityLabelType1_sequence_of, hf_index, ett_novell_pkis_SEQUENCE_SIZE_1_1_OF_SecurityLabelType1); + + return offset; +} + + +static const ber_sequence_t EnterpriseId_sequence[] = { + { &hf_novell_pkis_rootLabel, BER_CLASS_CON, 0, BER_FLAGS_IMPLTAG, dissect_novell_pkis_SecurityLabelType1 }, + { &hf_novell_pkis_registryLabel, BER_CLASS_CON, 1, BER_FLAGS_IMPLTAG, dissect_novell_pkis_SecurityLabelType1 }, + { &hf_novell_pkis_enterpriseLabel, BER_CLASS_CON, 2, BER_FLAGS_IMPLTAG, dissect_novell_pkis_SEQUENCE_SIZE_1_1_OF_SecurityLabelType1 }, + { NULL, 0, 0, 0, NULL } +}; + +static int +dissect_novell_pkis_EnterpriseId(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset, + EnterpriseId_sequence, hf_index, ett_novell_pkis_EnterpriseId); + + return offset; +} + + +static const ber_sequence_t GLBExtensions_sequence[] = { + { &hf_novell_pkis_keyQuality, BER_CLASS_CON, 0, BER_FLAGS_IMPLTAG, dissect_novell_pkis_KeyQuality }, + { &hf_novell_pkis_cryptoProcessQuality, BER_CLASS_CON, 1, BER_FLAGS_IMPLTAG, dissect_novell_pkis_CryptoProcessQuality }, + { &hf_novell_pkis_certificateClass, BER_CLASS_CON, 2, BER_FLAGS_IMPLTAG, dissect_novell_pkis_CertificateClass }, + { &hf_novell_pkis_enterpriseId, BER_CLASS_CON, 3, BER_FLAGS_IMPLTAG, dissect_novell_pkis_EnterpriseId }, + { NULL, 0, 0, 0, NULL } +}; + +static int +dissect_novell_pkis_GLBExtensions(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset, + GLBExtensions_sequence, hf_index, ett_novell_pkis_GLBExtensions); + + return offset; +} + + +static const ber_sequence_t SecurityAttributes_sequence[] = { + { &hf_novell_pkis_versionNumber, BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_OCTET_STRING_SIZE_2 }, + { &hf_novell_pkis_nSI , BER_CLASS_UNI, BER_UNI_TAG_BOOLEAN, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_BOOLEAN }, + { &hf_novell_pkis_securityTM, BER_CLASS_UNI, BER_UNI_TAG_PrintableString, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_T_securityTM }, + { &hf_novell_pkis_uriReference, BER_CLASS_UNI, BER_UNI_TAG_IA5String, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_IA5String }, + { &hf_novell_pkis_gLBExtensions, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_GLBExtensions }, + { NULL, 0, 0, 0, NULL } +}; + +static int +dissect_novell_pkis_SecurityAttributes(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset, + SecurityAttributes_sequence, hf_index, ett_novell_pkis_SecurityAttributes); + + return offset; +} + + + +static int +dissect_novell_pkis_Currency(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index, + NULL); + + return offset; +} + + + +static int +dissect_novell_pkis_INTEGER(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index, + NULL); + + return offset; +} + + +static const ber_sequence_t MonetaryValue_sequence[] = { + { &hf_novell_pkis_currency, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_Currency }, + { &hf_novell_pkis_amount , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_INTEGER }, + { &hf_novell_pkis_amtExp10, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_INTEGER }, + { NULL, 0, 0, 0, NULL } +}; + +static int +dissect_novell_pkis_MonetaryValue(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset, + MonetaryValue_sequence, hf_index, ett_novell_pkis_MonetaryValue); + + return offset; +} + + +static const ber_sequence_t RelianceLimits_sequence[] = { + { &hf_novell_pkis_perTransactionLimit, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_MonetaryValue }, + { &hf_novell_pkis_perCertificateLimit, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_novell_pkis_MonetaryValue }, + { NULL, 0, 0, 0, NULL } +}; + +static int +dissect_novell_pkis_RelianceLimits(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset, + RelianceLimits_sequence, hf_index, ett_novell_pkis_RelianceLimits); + + return offset; +} + +/*--- PDUs ---*/ + +static void dissect_SecurityAttributes_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) { + asn1_ctx_t asn1_ctx; + asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo); + dissect_novell_pkis_SecurityAttributes(FALSE, tvb, 0, &asn1_ctx, tree, hf_novell_pkis_SecurityAttributes_PDU); +} +static void dissect_RelianceLimits_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) { + asn1_ctx_t asn1_ctx; + asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo); + dissect_novell_pkis_RelianceLimits(FALSE, tvb, 0, &asn1_ctx, tree, hf_novell_pkis_RelianceLimits_PDU); +} + + +/*--- End of included file: packet-novell_pkis-fn.c ---*/ +#line 43 "../../asn1/novell_pkis/packet-novell_pkis-template.c" + +static int proto_novell_pkis = -1; + +void proto_reg_handoff_novell_pkis(void) +{ + +/*--- Included file: packet-novell_pkis-dis-tab.c ---*/ +#line 1 "../../asn1/novell_pkis/packet-novell_pkis-dis-tab.c" + register_ber_oid_dissector("2.16.840.1.113719.1.9.4.1", dissect_SecurityAttributes_PDU, proto_novell_pkis, "pa-sa"); + register_ber_oid_dissector("2.16.840.1.113719.1.9.4.2", dissect_RelianceLimits_PDU, proto_novell_pkis, "pa-rl"); + + +/*--- End of included file: packet-novell_pkis-dis-tab.c ---*/ +#line 49 "../../asn1/novell_pkis/packet-novell_pkis-template.c" +} + +void proto_register_novell_pkis (void) +{ + static hf_register_info hf[] = { + +/*--- Included file: packet-novell_pkis-hfarr.c ---*/ +#line 1 "../../asn1/novell_pkis/packet-novell_pkis-hfarr.c" + { &hf_novell_pkis_SecurityAttributes_PDU, + { "SecurityAttributes", "novell_pkis.SecurityAttributes_element", + FT_NONE, BASE_NONE, NULL, 0, + NULL, HFILL }}, + { &hf_novell_pkis_RelianceLimits_PDU, + { "RelianceLimits", "novell_pkis.RelianceLimits_element", + FT_NONE, BASE_NONE, NULL, 0, + NULL, HFILL }}, + { &hf_novell_pkis_versionNumber, + { "versionNumber", "novell_pkis.versionNumber", + FT_BYTES, BASE_NONE, NULL, 0, + "OCTET_STRING_SIZE_2", HFILL }}, + { &hf_novell_pkis_nSI, + { "nSI", "novell_pkis.nSI", + FT_BOOLEAN, BASE_NONE, NULL, 0, + "BOOLEAN", HFILL }}, + { &hf_novell_pkis_securityTM, + { "securityTM", "novell_pkis.securityTM", + FT_STRING, BASE_NONE, NULL, 0, + NULL, HFILL }}, + { &hf_novell_pkis_uriReference, + { "uriReference", "novell_pkis.uriReference", + FT_STRING, BASE_NONE, NULL, 0, + "IA5String", HFILL }}, + { &hf_novell_pkis_gLBExtensions, + { "gLBExtensions", "novell_pkis.gLBExtensions_element", + FT_NONE, BASE_NONE, NULL, 0, + NULL, HFILL }}, + { &hf_novell_pkis_keyQuality, + { "keyQuality", "novell_pkis.keyQuality_element", + FT_NONE, BASE_NONE, NULL, 0, + NULL, HFILL }}, + { &hf_novell_pkis_cryptoProcessQuality, + { "cryptoProcessQuality", "novell_pkis.cryptoProcessQuality_element", + FT_NONE, BASE_NONE, NULL, 0, + NULL, HFILL }}, + { &hf_novell_pkis_certificateClass, + { "certificateClass", "novell_pkis.certificateClass_element", + FT_NONE, BASE_NONE, NULL, 0, + NULL, HFILL }}, + { &hf_novell_pkis_enterpriseId, + { "enterpriseId", "novell_pkis.enterpriseId_element", + FT_NONE, BASE_NONE, NULL, 0, + NULL, HFILL }}, + { &hf_novell_pkis_enforceQuality, + { "enforceQuality", "novell_pkis.enforceQuality", + FT_BOOLEAN, BASE_NONE, NULL, 0, + "BOOLEAN", HFILL }}, + { &hf_novell_pkis_compusecQuality, + { "compusecQuality", "novell_pkis.compusecQuality", + FT_UINT32, BASE_DEC, NULL, 0, + NULL, HFILL }}, + { &hf_novell_pkis_cryptoQuality, + { "cryptoQuality", "novell_pkis.cryptoQuality", + FT_UINT32, BASE_DEC, NULL, 0, + NULL, HFILL }}, + { &hf_novell_pkis_keyStorageQuality, + { "keyStorageQuality", "novell_pkis.keyStorageQuality", + FT_UINT32, BASE_DEC, NULL, 0, + "INTEGER_0_255", HFILL }}, + { &hf_novell_pkis_CompusecQuality_item, + { "CompusecQualityPair", "novell_pkis.CompusecQualityPair_element", + FT_NONE, BASE_NONE, NULL, 0, + NULL, HFILL }}, + { &hf_novell_pkis_compusecCriteria, + { "compusecCriteria", "novell_pkis.compusecCriteria", + FT_UINT32, BASE_DEC, NULL, 0, + "INTEGER_0_255", HFILL }}, + { &hf_novell_pkis_compusecRating, + { "compusecRating", "novell_pkis.compusecRating", + FT_UINT32, BASE_DEC, NULL, 0, + "INTEGER_0_255", HFILL }}, + { &hf_novell_pkis_CryptoQuality_item, + { "CryptoQualityPair", "novell_pkis.CryptoQualityPair_element", + FT_NONE, BASE_NONE, NULL, 0, + NULL, HFILL }}, + { &hf_novell_pkis_cryptoModuleCriteria, + { "cryptoModuleCriteria", "novell_pkis.cryptoModuleCriteria", + FT_UINT32, BASE_DEC, NULL, 0, + "INTEGER_0_255", HFILL }}, + { &hf_novell_pkis_cryptoModuleRating, + { "cryptoModuleRating", "novell_pkis.cryptoModuleRating", + FT_UINT32, BASE_DEC, NULL, 0, + "INTEGER_0_255", HFILL }}, + { &hf_novell_pkis_classValue, + { "classValue", "novell_pkis.classValue", + FT_UINT32, BASE_DEC, NULL, 0, + "INTEGER_0_255", HFILL }}, + { &hf_novell_pkis_certificateValid, + { "certificateValid", "novell_pkis.certificateValid", + FT_BOOLEAN, BASE_NONE, NULL, 0, + "BOOLEAN", HFILL }}, + { &hf_novell_pkis_rootLabel, + { "rootLabel", "novell_pkis.rootLabel_element", + FT_NONE, BASE_NONE, NULL, 0, + "SecurityLabelType1", HFILL }}, + { &hf_novell_pkis_registryLabel, + { "registryLabel", "novell_pkis.registryLabel_element", + FT_NONE, BASE_NONE, NULL, 0, + "SecurityLabelType1", HFILL }}, + { &hf_novell_pkis_enterpriseLabel, + { "enterpriseLabel", "novell_pkis.enterpriseLabel", + FT_UINT32, BASE_DEC, NULL, 0, + "SEQUENCE_SIZE_1_1_OF_SecurityLabelType1", HFILL }}, + { &hf_novell_pkis_enterpriseLabel_item, + { "SecurityLabelType1", "novell_pkis.SecurityLabelType1_element", + FT_NONE, BASE_NONE, NULL, 0, + NULL, HFILL }}, + { &hf_novell_pkis_labelType1, + { "labelType1", "novell_pkis.labelType1", + FT_UINT32, BASE_DEC, NULL, 0, + "INTEGER_0_255", HFILL }}, + { &hf_novell_pkis_secrecyLevel1, + { "secrecyLevel1", "novell_pkis.secrecyLevel1", + FT_UINT32, BASE_DEC, NULL, 0, + "INTEGER_0_255", HFILL }}, + { &hf_novell_pkis_integrityLevel1, + { "integrityLevel1", "novell_pkis.integrityLevel1", + FT_UINT32, BASE_DEC, NULL, 0, + "INTEGER_0_255", HFILL }}, + { &hf_novell_pkis_secrecyCategories1, + { "secrecyCategories1", "novell_pkis.secrecyCategories1", + FT_BYTES, BASE_NONE, NULL, 0, + "BIT_STRING_SIZE_96", HFILL }}, + { &hf_novell_pkis_integrityCategories1, + { "integrityCategories1", "novell_pkis.integrityCategories1", + FT_BYTES, BASE_NONE, NULL, 0, + "BIT_STRING_SIZE_64", HFILL }}, + { &hf_novell_pkis_secrecySingletons1, + { "secrecySingletons1", "novell_pkis.secrecySingletons1", + FT_UINT32, BASE_DEC, NULL, 0, + "Singletons", HFILL }}, + { &hf_novell_pkis_integritySingletons1, + { "integritySingletons1", "novell_pkis.integritySingletons1", + FT_UINT32, BASE_DEC, NULL, 0, + "Singletons", HFILL }}, + { &hf_novell_pkis_Singletons_item, + { "SingletonChoice", "novell_pkis.SingletonChoice", + FT_UINT32, BASE_DEC, VALS(novell_pkis_SingletonChoice_vals), 0, + NULL, HFILL }}, + { &hf_novell_pkis_uniqueSingleton, + { "uniqueSingleton", "novell_pkis.uniqueSingleton", + FT_UINT32, BASE_DEC, NULL, 0, + "INTEGER_0_9223372036854775807", HFILL }}, + { &hf_novell_pkis_singletonRange, + { "singletonRange", "novell_pkis.singletonRange_element", + FT_NONE, BASE_NONE, NULL, 0, + NULL, HFILL }}, + { &hf_novell_pkis_singletonLowerBound, + { "singletonLowerBound", "novell_pkis.singletonLowerBound", + FT_UINT32, BASE_DEC, NULL, 0, + "INTEGER_0_9223372036854775807", HFILL }}, + { &hf_novell_pkis_singletonUpperBound, + { "singletonUpperBound", "novell_pkis.singletonUpperBound", + FT_UINT32, BASE_DEC, NULL, 0, + "INTEGER_0_9223372036854775807", HFILL }}, + { &hf_novell_pkis_singletonValue, + { "singletonValue", "novell_pkis.singletonValue", + FT_BOOLEAN, BASE_NONE, NULL, 0, + "BOOLEAN", HFILL }}, + { &hf_novell_pkis_perTransactionLimit, + { "perTransactionLimit", "novell_pkis.perTransactionLimit_element", + FT_NONE, BASE_NONE, NULL, 0, + "MonetaryValue", HFILL }}, + { &hf_novell_pkis_perCertificateLimit, + { "perCertificateLimit", "novell_pkis.perCertificateLimit_element", + FT_NONE, BASE_NONE, NULL, 0, + "MonetaryValue", HFILL }}, + { &hf_novell_pkis_currency, + { "currency", "novell_pkis.currency", + FT_UINT32, BASE_DEC, NULL, 0, + NULL, HFILL }}, + { &hf_novell_pkis_amount, + { "amount", "novell_pkis.amount", + FT_INT32, BASE_DEC, NULL, 0, + "INTEGER", HFILL }}, + { &hf_novell_pkis_amtExp10, + { "amtExp10", "novell_pkis.amtExp10", + FT_INT32, BASE_DEC, NULL, 0, + "INTEGER", HFILL }}, + +/*--- End of included file: packet-novell_pkis-hfarr.c ---*/ +#line 55 "../../asn1/novell_pkis/packet-novell_pkis-template.c" + }; + static gint *ett[] = { + +/*--- Included file: packet-novell_pkis-ettarr.c ---*/ +#line 1 "../../asn1/novell_pkis/packet-novell_pkis-ettarr.c" + &ett_novell_pkis_SecurityAttributes, + &ett_novell_pkis_GLBExtensions, + &ett_novell_pkis_Quality, + &ett_novell_pkis_CompusecQuality, + &ett_novell_pkis_CompusecQualityPair, + &ett_novell_pkis_CryptoQuality, + &ett_novell_pkis_CryptoQualityPair, + &ett_novell_pkis_CertificateClass, + &ett_novell_pkis_EnterpriseId, + &ett_novell_pkis_SEQUENCE_SIZE_1_1_OF_SecurityLabelType1, + &ett_novell_pkis_SecurityLabelType1, + &ett_novell_pkis_Singletons, + &ett_novell_pkis_SingletonChoice, + &ett_novell_pkis_SingletonRange, + &ett_novell_pkis_RelianceLimits, + &ett_novell_pkis_MonetaryValue, + +/*--- End of included file: packet-novell_pkis-ettarr.c ---*/ +#line 58 "../../asn1/novell_pkis/packet-novell_pkis-template.c" + }; + + /* execute protocol initialization only once */ + if (proto_novell_pkis != -1) return; + + proto_novell_pkis = proto_register_protocol("Novell PKIS ASN.1 type", "novell_pkis", "novell_pkis"); + proto_register_field_array (proto_novell_pkis, hf, array_length (hf)); + proto_register_subtree_array (ett, array_length (ett)); +} |