author | Stig Bjørlykke <stig@bjorlykke.org> | 2010-01-12 11:49:17 +0000 |
---|---|---|
committer | Stig Bjørlykke <stig@bjorlykke.org> | 2010-01-12 11:49:17 +0000 |
commit | 89980e1672292a75c7e54cea93ccfa946e12d398 (patch) | |
tree | 27a34dde9c0b26f38df999f1a850cd8b87199297 /asn1/cms | |
parent | 324af9e6faea22dc42c13cf7efaeef7777550c2d (diff) | |
download | wireshark-89980e1672292a75c7e54cea93ccfa946e12d398.tar.gz |
Update to RFC3369.
svn path=/trunk/; revision=31500
Diffstat (limited to 'asn1/cms')
-rw-r--r-- | asn1/cms/AttributeCertificateVersion1.asn | 52 | ||||
-rw-r--r-- | asn1/cms/CryptographicMessageSyntax.asn | 35 | ||||
-rw-r--r-- | asn1/cms/Makefile.common | 4 | ||||
-rw-r--r-- | asn1/cms/cms.cnf | 14 | ||||
-rw-r--r-- | asn1/cms/packet-cms-template.c | 2 |
5 files changed, 97 insertions, 10 deletions
diff --git a/asn1/cms/AttributeCertificateVersion1.asn b/asn1/cms/AttributeCertificateVersion1.asn
new file mode 100644
index 0000000000..33dfbba7cf
--- /dev/null
+++ b/asn1/cms/AttributeCertificateVersion1.asn
@@ -0,0 +1,52 @@
+-- Extracted from RFC3369
+-- $Id$
+AttributeCertificateVersion1
+ { iso(1) member-body(2) us(840) rsadsi(113549)
+ pkcs(1) pkcs-9(9) smime(16) modules(0) v1AttrCert(15) }
+
+DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- EXPORTS All
+
+IMPORTS
+ -- Directory Authentication Framework (X.509)
+ AttCertValidityPeriod, Extensions, IssuerSerial
+ FROM AuthenticationFramework { joint-iso-itu-t ds(5)
+ module(1) authenticationFramework(7) 3 }
+
+ GeneralNames
+ FROM CertificateExtensions { joint-iso-ccitt ds(5)
+ module(1) certificateExtensions(26) 0 }
+
+ UniqueIdentifier
+ FROM SelectedAttributeTypes { joint-iso-itu-t ds(5) module(1)
+ selectedAttributeTypes(5) 3 };
+
+
+-- Definition extracted from X.509-1997 [X.509-97], but
+-- different type names are used to avoid collisions.
+
+AttributeCertificateV1 ::= SEQUENCE {
+ acInfo AttributeCertificateInfoV1,
+ signatureAlgorithm AlgorithmIdentifier,
+ signature BIT STRING }
+
+AttributeCertificateInfoV1 ::= SEQUENCE {
+ version AttCertVersionV1 DEFAULT v1,
+ subject CHOICE {
+ baseCertificateID [0] IssuerSerial,
+ -- associated with a Public Key Certificate
+ subjectName [1] GeneralNames },
+ -- associated with a name
+ issuer GeneralNames,
+ signature AlgorithmIdentifier,
+ serialNumber CertificateSerialNumber,
+ attCertValidityPeriod AttCertValidityPeriod,
+ attributes SEQUENCE OF Attribute,
+ issuerUniqueID UniqueIdentifier OPTIONAL,
+ extensions Extensions OPTIONAL }
+
+AttCertVersionV1 ::= INTEGER { v1(0) }
+
+END -- of AttributeCertificateVersion1
diff --git a/asn1/cms/CryptographicMessageSyntax.asn b/asn1/cms/CryptographicMessageSyntax.asn
index ad96da8ff7..1fefbd4ae3 100644
--- a/asn1/cms/CryptographicMessageSyntax.asn
+++ b/asn1/cms/CryptographicMessageSyntax.asn
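Review bot: In the new file `asn1/cms/AttributeCertificateVersion1.asn`, the `IMPORTS` clause does not list `AlgorithmIdentifier`, `CertificateSerialNumber` or `Attribute`, although `AttributeCertificateV1` and `AttributeCertificateInfoV1` reference all three. The module presumably resolves only because it is compiled together with `CryptographicMessageSyntax.asn` (both are in `ASN_FILE_LIST`) and the `#.IMPORT`ed conformance files, so a reader cannot tell from the file which definition of each type the dissector ends up using. Either add the three names to `IMPORTS`, or state the dependency in a comment such as `-- AlgorithmIdentifier, CertificateSerialNumber and Attribute are resolved through the CMS module / cms.cnf #.IMPORT`. For a signed structure it is worth being explicit about which encoding of each field is decoded.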
@@ -1,5 +1,6 @@ --- Extracted from RFC2630 --- and massaged/modified so it passws through our asn2wrs compiler +-- Extracted from RFC3369 +-- and massaged/modified so it passes through our asn2wrs compiler +-- $Id$ CryptographicMessageSyntax { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) modules(0) cms(1) } DEFINITIONS IMPLICIT TAGS ::= @@ -103,7 +104,9 @@ UnprotectedAttributes ::= SET SIZE (1..MAX) OF Attribute RecipientInfo ::= CHOICE { ktri KeyTransRecipientInfo, kari [1] KeyAgreeRecipientInfo, - kekri [2] KEKRecipientInfo } + kekri [2] KEKRecipientInfo, + pwri [3] PasswordRecipientInfo, + ori [4] OtherRecipientInfo } EncryptedKey ::= OCTET STRING @@ -164,6 +167,17 @@ KEKIdentifier ::= SEQUENCE { date GeneralizedTime OPTIONAL, other OtherKeyAttribute OPTIONAL } +PasswordRecipientInfo ::= SEQUENCE { + version CMSVersion, -- always set to 0 + keyDerivationAlgorithm [0] KeyDerivationAlgorithmIdentifier + OPTIONAL, + keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, + encryptedKey EncryptedKey } + +OtherRecipientInfo ::= SEQUENCE { + oriType OBJECT IDENTIFIER, + oriValue ANY DEFINED BY oriType } + DigestedData ::= SEQUENCE { version CMSVersion, digestAlgorithm DigestAlgorithmIdentifier, @@ -184,9 +198,9 @@ AuthenticatedData ::= SEQUENCE { macAlgorithm MessageAuthenticationCodeAlgorithm, digestAlgorithm [1] DigestAlgorithmIdentifier OPTIONAL, encapContentInfo EncapsulatedContentInfo, - authenticatedAttributes [2] IMPLICIT AuthAttributes OPTIONAL, + authAttrs [2] IMPLICIT AuthAttributes OPTIONAL, mac MessageAuthenticationCode, - unauthenticatedAttributes [3] IMPLICIT UnauthAttributes OPTIONAL } + unauthAttrs [3] IMPLICIT UnauthAttributes OPTIONAL } AuthAttributes ::= SET SIZE (1..MAX) OF Attribute 
@@ -204,12 +218,17 @@ ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier MessageAuthenticationCodeAlgorithm ::= AlgorithmIdentifier +KeyDerivationAlgorithmIdentifier ::= AlgorithmIdentifier + CertificateRevocationLists ::= SET OF CertificateList CertificateChoices ::= CHOICE { certificate Certificate, - extendedCertificate [0] IMPLICIT ExtendedCertificate, - attrCert [1] IMPLICIT AttributeCertificate } + extendedCertificate [0] IMPLICIT ExtendedCertificate, -- Obsolete + v1AttrCert [1] IMPLICIT AttributeCertificateV1, -- Obsolete + v2AttrCert [2] IMPLICIT AttributeCertificateV2 } + +AttributeCertificateV2 ::= AttributeCertificate CertificateSet ::= SET OF CertificateChoices @@ -223,7 +242,7 @@ UserKeyingMaterial ::= OCTET STRING OtherKeyAttribute ::= SEQUENCE { keyAttrId OBJECT IDENTIFIER, - keyAttr ANY OPTIONAL + keyAttr ANY DEFINED BY keyAttrId OPTIONAL } -- CMS Attributes diff --git a/asn1/cms/Makefile.common b/asn1/cms/Makefile.common index 0091f73b83..a0537171b9 100644 --- a/asn1/cms/Makefile.common +++ b/asn1/cms/Makefile.common @@ -31,7 +31,7 @@ EXPORT_FILES = \ EXT_ASN_FILE_LIST = -ASN_FILE_LIST = CryptographicMessageSyntax.asn +ASN_FILE_LIST = CryptographicMessageSyntax.asn AttributeCertificateVersion1.asn # The packet-$(PROTOCOL_NAME)-template.h and $(PROTOCOL_NAME).asn # files do not exist for all protocols: Please add/remove as required. @@ -46,7 +46,7 @@ SRC_FILES = \ $(EXTRA_DIST) \ $(EXT_ASN_FILE_LIST) -A2W_FLAGS= -b -e +A2W_FLAGS= -b -e -C EXTRA_CNF= \ ../x509af/x509af-exp.cnf \ diff --git a/asn1/cms/cms.cnf b/asn1/cms/cms.cnf index c828889ae0..cc7f810092 100644 --- a/asn1/cms/cms.cnf +++ b/asn1/cms/cms.cnf @@ -4,7 +4,9 @@ # $Id$ #.IMPORT ../x509af/x509af-exp.cnf +#.IMPORT ../x509ce/x509ce-exp.cnf #.IMPORT ../x509if/x509if-exp.cnf +#.IMPORT ../x509sat/x509sat-exp.cnf #.OMIT_ASSIGNMENT KeyWrapAlgorithm 
@@ -63,6 +65,12 @@ RC2WrapParameter B "1.2.840.113549.1.9.16.3.7" "id-alg-cmsrc2-wrap" SignerInfo/signature signatureValue RecipientEncryptedKey/rid rekRid EncryptedContentInfo/contentType encryptedContentType +AttributeCertificateV1/signature signatureValue_v1 +AttributeCertificateV1/signatureAlgorithm signatureAlgorithm_v1 +AttributeCertificateInfoV1/attributes attributes_v1 +AttributeCertificateInfoV1/issuer issuer_v1 +AttributeCertificateInfoV1/signature signature_v1 +AttributeCertificateInfoV1/version version_v1 #.FN_BODY ContentInfo top_tree = tree; @@ -105,6 +113,12 @@ EncryptedContentInfo/contentType encryptedContentType /* save the content for checking the message digest */ content_tvb = tvb_new_subset(tvb, content_offset, len, -1); +#.FN_PARS OtherRecipientInfo/oriType + FN_VARIANT = _str VAL_PTR = &object_identifier_id + +#.FN_BODY OtherRecipientInfo/oriValue + offset=call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree); + #.FN_PARS OtherKeyAttribute/keyAttrId FN_VARIANT = _str HF_INDEX = hf_cms_ci_contentType VAL_PTR = &object_identifier_id diff --git a/asn1/cms/packet-cms-template.c b/asn1/cms/packet-cms-template.c index 0f4f6237b3..c928e38166 100644 --- a/asn1/cms/packet-cms-template.c +++ b/asn1/cms/packet-cms-template.c @@ -38,7 +38,9 @@ #include "packet-ber.h" #include "packet-cms.h" #include "packet-x509af.h" +#include "packet-x509ce.h" #include "packet-x509if.h" +#include "packet-x509sat.h" #include "packet-pkcs12.h" #include <epan/crypt/crypt-sha1.h> |
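Review bot: In the `asn1/cms/cms.cnf` hunk `@@ -105,6 +113,12 @@`, the new `#.FN_BODY OtherRecipientInfo/oriValue` dispatches on `object_identifier_id` without checking that `oriType` actually set it. The same pointer is the `VAL_PTR` for `OtherKeyAttribute/keyAttrId` in the context lines directly below, so in a malformed capture where `oriType` is missing or fails to decode, a value left over from an earlier field could choose the sub-dissector that parses the untrusted `oriValue` bytes. The variable's declaration and lifetime are outside this hunk, so this is inferred rather than confirmed. Consider clearing the pointer before `oriType` is decoded and guarding the call, e.g. `if (object_identifier_id) offset=call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree);`. A short comment in the `.cnf` noting that `oriValue` depends on the OID captured from `oriType` would document the coupling.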