author | Tomas Kukosa <tomas.kukosa@siemens.com> | 2006-05-15 06:32:01 +0000 |
---|---|---|
committer | Tomas Kukosa <tomas.kukosa@siemens.com> | 2006-05-15 06:32:01 +0000 |
commit | 726820fd03ae031586a41e39984b8e9013060f4a (patch) | |
tree | e213642c064de0d888d37546e1fa89d202991509 /asn1/h235 | |
parent | aada0116b7c65f6ea0b54c6375efd604c8be9874 (diff) | |
updated to H.235.0:09/2005 and H.235.8:09/2005
svn path=/trunk/; revision=18157
Diffstat (limited to 'asn1/h235')
-rw-r--r-- | asn1/h235/H235-SECURITY-MESSAGES.asn | 185 | ||||
-rw-r--r-- | asn1/h235/H235-SRTP.asn | 59 | ||||
-rw-r--r-- | asn1/h235/Makefile.nmake | 4 | ||||
-rw-r--r-- | asn1/h235/h235-exp.cnf | 12 | ||||
-rw-r--r-- | asn1/h235/h235.cnf | 5 | ||||
-rw-r--r-- | asn1/h235/packet-h235-template.c | 1 |
6 files changed, 193 insertions, 73 deletions
diff --git a/asn1/h235/H235-SECURITY-MESSAGES.asn b/asn1/h235/H235-SECURITY-MESSAGES.asn index 882236722e..a6655ddae4 100644 --- a/asn1/h235/H235-SECURITY-MESSAGES.asn +++ b/asn1/h235/H235-SECURITY-MESSAGES.asn @@ -1,21 +1,21 @@ -- -- Taken from ITU ASN.1 database --- http://www.itu.int/ITU-T/asn1/database/itu-t/h/h235/2003-amd1/H235-SECURITY-MESSAGES.asn +-- http://www.itu.int/ITU-T/asn1/database/itu-t/h/h235.0/2005/H235-SECURITY-MESSAGES.asn -- -- Features unbacked with ASN.1 to Ethereal compiler was commented out -- - --- Module H235-SECURITY-MESSAGES (H.235:08/2003) +-- Module H235-SECURITY-MESSAGES (H.235.0:09/2005) H235-SECURITY-MESSAGES DEFINITIONS AUTOMATIC TAGS ::= BEGIN -- EXPORTS All ChallengeString ::= OCTET STRING(SIZE (8..128)) -TimeStamp ::= INTEGER(1..4294967295) -- seconds since 00:00 1/1/1970 UTC +TimeStamp ::= INTEGER(1..4294967295) -- seconds since 00:00 +-- 1/1/1970 UTC RandomVal ::= INTEGER -- 32-bit Integer Password ::= BMPString(SIZE (1..128)) @@ -30,7 +30,7 @@ NonStandardParameter ::= SEQUENCE { } -- if local octet representations of these bit strings are used they shall --- utilize standard Network Octet ordering (e.g. Big Endian) +-- utilize standard Network Octet ordering (e.g., Big Endian) DHset ::= SEQUENCE { halfkey BIT STRING(SIZE (0..2048)), -- = g^x mod n modSize BIT STRING(SIZE (0..2048)), -- n @@ -39,8 +39,10 @@ DHset ::= SEQUENCE { } ECpoint ::= - SEQUENCE -- uncompressed (x, y) affine coordinate representation of an elliptic curve point - { + SEQUENCE -- uncompressed (x, y) affine coordinate representation of + + -- an elliptic curve point + { x BIT STRING(SIZE (0..511)) OPTIONAL, y BIT STRING(SIZE (0..511)) OPTIONAL, ... 
@@ -51,71 +53,80 @@ ECKASDH ::= { eckasdhp SEQUENCE-- parameters for elliptic curves of prime field-- {public-key - ECpoint, -- This field contains representation of the ECKAS-DHp public key value.-- - --This field contains the initiator's ECKAS-DHp public key value (aP) when this information - -- element is sent from originator to receiver. This field contains the responder's ECKAS-DHp - -- public key value (bP) when this information element is sent back from receiver - -- to originator. + ECpoint, -- This field contains representation of -- + -- the ECKAS-DHp public key value. This field contains the + -- initiator's ECKAS-DHp public key value (aP) when this + -- information element is sent from originator to receiver. This + -- field contains the responder's ECKAS-DHp public key value (bP) + -- when this information element is sent back from receiver to + -- originator. modulus BIT STRING (SIZE (0.. - 511)), -- This field contains representation of the-- - -- ECKAS-DHp public modulus value (p). + 511)), -- This field contains -- + -- representation of the ECKAS-DHp public modulus value (p). base - ECpoint, -- This field contains representation of the ECKAS-DHp public base (P).-- + ECpoint, -- This field contains representation of the -- + -- ECKAS-DHp public base (P). weierstrassA BIT STRING (SIZE (0.. - 511)), --This field contains representation of the-- - -- ECKAS-DHp Weierstrass coefficient (a). + 511)), -- This field contains -- + -- representation of the ECKAS-DHp Weierstrass coefficient (a). weierstrassB BIT STRING (SIZE (0.. - 511))--This field contains representation of the-- - -- ECKAS-DHp Weierstrass coefficient (b). + 511))-- This field contains -- + -- representation of the ECKAS-DHp Weierstrass coefficient (b). }, eckasdh2 SEQUENCE-- parameters for elliptic curves of characteristic 2 -- {public-key - ECpoint, -- This field contains representation of the ECKAS-DH2 public key value. 
-- - -- This field contains the initiator's ECKAS-DH2 public key value (aP) when this information - -- element is sent from originator to receiver. This field contains the responder's ECKAS-DH2 - -- public key value (bP) when this information element is sent back from receiver to originator. + ECpoint, -- This field contains representation of -- + -- the ECKAS-DH2 public key value. + -- This field contains the initiator's ECKAS-DH2 public key value + -- (aP) when this information element is sent from originator to + -- receiver. This field contains the responder's ECKAS-DH2 public + -- key value (bP) when this information element is sent back from + -- receiver to originator. fieldSize BIT STRING (SIZE (0.. - 511)), -- This field contains representation of the-- - -- ECKAS-DH2 field size value (m). + 511)), -- This field contains -- + -- representation of the ECKAS-DH2 field size value (m). base - ECpoint, -- This field contains representation of the ECKAS-DH2 public base (P).-- + ECpoint, -- This field contains representation of the -- + -- ECKAS-DH2 public base (P). weierstrassA BIT STRING (SIZE (0.. - 511)), --This field contains representation of the-- - -- ECKAS-DH2 Weierstrass coefficient (a). + 511)), -- This field contains -- + -- representation of the ECKAS-DH2 Weierstrass coefficient (a). weierstrassB BIT STRING (SIZE (0.. - 511))--This field contains representation of the-- - -- ECKAS-DH2 Weierstrass coefficient (b). + 511))-- This field contains -- + -- representation of the ECKAS-DH2 Weierstrass coefficient (b). }, ... } ECGDSASignature ::= - SEQUENCE -- parameters for elliptic curve digital signature algorithm - { - r BIT STRING(SIZE (0..511)), -- This field contains the representation of the r component of the + SEQUENCE -- parameters for elliptic curve digital signature + + -- algorithm + { + r BIT STRING(SIZE (0..511)), -- This field contains the - -- ECGDSA digital signature. 
- s - BIT STRING - (SIZE (0..511))-- This field contains the representation of the s component of the-- - -- ECGDSA digital signature. + -- representation of the r component of the ECGDSA digital + -- signature. + s BIT STRING(SIZE (0..511))-- This field contains the -- + -- representation of the s component of the ECGDSA digital + -- signature. } TypedCertificate ::= SEQUENCE { 
@@ -139,40 +150,61 @@ AuthenticationMechanism ::= CHOICE { tls NULL, nonStandard NonStandardParameter, -- something else. ..., - authenticationBES AuthenticationBES -- user authentication for BES + authenticationBES AuthenticationBES, -- user authentication for BES + keyExch OBJECT IDENTIFIER -- key exchange profile } ClearToken ::= SEQUENCE -- a "token" may contain multiple value types. { - tokenOID OBJECT IDENTIFIER, - timeStamp TimeStamp OPTIONAL, - password Password OPTIONAL, - dhkey DHset OPTIONAL, - challenge ChallengeString OPTIONAL, - random RandomVal OPTIONAL, - certificate TypedCertificate OPTIONAL, - generalID Identifier OPTIONAL, - nonStandard NonStandardParameter OPTIONAL, + tokenOID OBJECT IDENTIFIER, + timeStamp TimeStamp OPTIONAL, + password Password OPTIONAL, + dhkey DHset OPTIONAL, + challenge ChallengeString OPTIONAL, + random RandomVal OPTIONAL, + certificate TypedCertificate OPTIONAL, + generalID Identifier OPTIONAL, + nonStandard NonStandardParameter OPTIONAL, ..., - eckasdhkey ECKASDH OPTIONAL, -- elliptic curve Key Agreement Scheme-Diffie + eckasdhkey ECKASDH OPTIONAL, -- elliptic curve Key Agreement - -- Hellman Analogue (ECKAS-DH) - sendersID Identifier OPTIONAL, - h235Key H235Key OPTIONAL -- central distributed key in V3 + -- Scheme-Diffie Hellman Analogue + -- (ECKAS-DH) + sendersID Identifier OPTIONAL, + h235Key H235Key OPTIONAL, -- central distributed key in V3 + profileInfo SEQUENCE OF ProfileElement OPTIONAL -- profile-specific } -- An object identifier should be placed in the tokenOID field when a -- ClearToken is included directly in a message (as opposed to being --- encrypted). In all other cases, an application should use the --- object identifier { 0 0 } to indicate that the tokenOID value is not present. --- --- Start all the cryptographic parameterized types here... +-- encrypted). In all other cases, an application should use the +-- object identifier { 0 0 } to indicate that the tokenOID value is not +-- present. 
+-- Start all the cryptographic parameterized types here... -- +ProfileElement ::= SEQUENCE { + elementID INTEGER(0..255), -- element identifier, as defined by + + -- profile + paramS Params OPTIONAL, -- any element-specific parameters + element Element OPTIONAL, -- value in required form + ... +} + +Element ::= CHOICE { + octets OCTET STRING, + integer INTEGER, + bits BIT STRING, + name BMPString, + flag BOOLEAN, + ... +} + SIGNED{ToBeSigned} ::= SEQUENCE { toBeSigned ToBeSigned, algorithmOID OBJECT IDENTIFIER, paramS Params, -- any "runtime" parameters - signature BIT STRING -- could be an RSA or an ASN.1 coded ECGDSASignature + signature BIT STRING -- could be an RSA or an ASN.1 coded ECGDSA Signature }(CONSTRAINED BY { -- Verify or Sign Certificate --}) ENCRYPTED{ToBeEncrypted} ::= SEQUENCE { @@ -197,9 +229,9 @@ IV16 ::= OCTET STRING(SIZE (16)) -- initial value for 128-bit block ciphers -- needed by receiving end of signature. Params ::= SEQUENCE { ranInt INTEGER OPTIONAL, -- some integer value - iv8 IV8 OPTIONAL, -- 8 octet initialization vector + iv8 IV8 OPTIONAL, -- 8-octet initialization vector ..., - iv16 IV16 OPTIONAL, -- 16 octet initialization vector + iv16 IV16 OPTIONAL, -- 16-octet initialization vector iv OCTET STRING OPTIONAL, -- arbitrary length initialization vector clearSalt OCTET STRING OPTIONAL -- unencrypted salting key for encryption } 
@@ -248,15 +280,16 @@ CryptoToken ::= CHOICE { } -- These allow the passing of session keys within the H.245 OLC structure. --- They are encoded as standalone ASN.1 and based as an OCTET STRING within H.245 +-- They are encoded as standalone ASN.1 and based as an OCTET STRING within +-- H.245 H235Key ::= - CHOICE -- this is used with the H.245 or ClearToken "h235Key" field + CHOICE -- This is used with the H.245 or ClearToken "h235Key" field { secureChannel KeyMaterial, sharedSecret ENCRYPTED{EncodedKeySyncMaterial}, certProtectedKey SIGNED{EncodedKeySignedMaterial}, ..., - secureSharedSecret V3KeySyncMaterial -- for H.235 V3 end points + secureSharedSecret V3KeySyncMaterial -- for H.235 V3 endpoints } KeySignedMaterial ::= SEQUENCE { 
@@ -295,15 +328,25 @@ KeySyncMaterial ::= SEQUENCE { --EncodedKeySyncMaterial ::= TYPE-IDENTIFIER.&Type(KeySyncMaterial) V3KeySyncMaterial ::= SEQUENCE { - generalID Identifier OPTIONAL, -- peer terminal ID - algorithmOID OBJECT IDENTIFIER OPTIONAL, -- encryption algorithm - paramS Params, -- IV - encryptedSessionKey OCTET STRING OPTIONAL, -- encrypted session key - encryptedSaltingKey OCTET STRING OPTIONAL, -- encrypted media salting key - clearSaltingKey OCTET STRING OPTIONAL, -- unencrypted media salting key - paramSsalt Params OPTIONAL, -- IV (and clear salt) for salting key encryption - keyDerivationOID OBJECT IDENTIFIER OPTIONAL, -- key derivation method - ... + generalID Identifier OPTIONAL, -- peer terminal ID + algorithmOID OBJECT IDENTIFIER OPTIONAL, -- encryption algorithm + paramS Params, -- IV + encryptedSessionKey OCTET STRING OPTIONAL, -- encrypted session key + encryptedSaltingKey OCTET STRING OPTIONAL, -- encrypted media salting + + -- key + clearSaltingKey OCTET STRING OPTIONAL, -- unencrypted media salting + + -- key + paramSsalt Params OPTIONAL, -- IV (and clear salt) for salting + + -- key encryption + keyDerivationOID OBJECT IDENTIFIER OPTIONAL, -- key derivation + + -- method + ..., + genericKeyMaterial OCTET STRING OPTIONAL -- ASN.1-encoded key material-- + -- form is dependent on associated media encryption tag } END -- End of H235-SECURITY-MESSAGES DEFINITIONS diff --git a/asn1/h235/H235-SRTP.asn b/asn1/h235/H235-SRTP.asn new file mode 100644 index 0000000000..151c4e8c98 --- /dev/null +++ b/asn1/h235/H235-SRTP.asn 
@@ -0,0 +1,59 @@ +-- +-- Taken from ITU ASN.1 database +-- http://www.itu.int/ITU-T/asn1/database/itu-t/h/h235.8/2005/H235-SRTP.asn +-- +-- Features unbacked with ASN.1 to Ethereal compiler was commented out +-- + +-- Module H235-SRTP (H.235.8:09/2005) +H235-SRTP DEFINITIONS AUTOMATIC TAGS ::= +BEGIN + +IMPORTS GenericData + FROM H323-MESSAGES; + +SrtpCryptoCapability ::= + SEQUENCE OF SrtpCryptoInfo -- used in H.245 genericH235SecurityCapability + +SrtpCryptoInfo ::= SEQUENCE { + cryptoSuite OBJECT IDENTIFIER OPTIONAL, + sessionParams SrtpSessionParameters OPTIONAL, + allowMKI BOOLEAN OPTIONAL, + ... +} + +SrtpKeys ::= SEQUENCE OF SrtpKeyParameters -- used in H.235 V3KeySyncMaterial + +SrtpKeyParameters ::= SEQUENCE { + masterKey OCTET STRING, + masterSalt OCTET STRING, + lifetime CHOICE {powerOfTwo INTEGER, + specific INTEGER, + ...} OPTIONAL, + mki SEQUENCE {length INTEGER(1..128), + value OCTET STRING, + ...} OPTIONAL, + ... +} + +SrtpSessionParameters ::= SEQUENCE { + kdr INTEGER(0..24) OPTIONAL, -- power of 2 + unencryptedSrtp BOOLEAN OPTIONAL, + unencryptedSrtcp BOOLEAN OPTIONAL, + unauthenticatedSrtp BOOLEAN OPTIONAL, + fecOrder FecOrder OPTIONAL, + windowSizeHint INTEGER(64..65535) OPTIONAL, + newParameter SEQUENCE OF GenericData OPTIONAL, + ... +} + +FecOrder ::= SEQUENCE { + fecBeforeSrtp NULL OPTIONAL, + fecAfterSrtp NULL OPTIONAL, + ... +} + +END + +-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D + diff --git a/asn1/h235/Makefile.nmake b/asn1/h235/Makefile.nmake index 030a3cfa42..e521711e23 100644 --- a/asn1/h235/Makefile.nmake +++ b/asn1/h235/Makefile.nmake 
@@ -13,9 +13,9 @@ all: generate_dissector generate_dissector: $(DISSECTOR_FILES) -$(DISSECTOR_FILES): ../../tools/asn2eth.py H235-SECURITY-MESSAGES.asn packet-$(PROTOCOL_NAME)-template.c packet-$(PROTOCOL_NAME)-template.h $(PROTOCOL_NAME).cnf +$(DISSECTOR_FILES): ../../tools/asn2eth.py H235-SECURITY-MESSAGES.asn H235-SRTP.asn packet-$(PROTOCOL_NAME)-template.c packet-$(PROTOCOL_NAME)-template.h $(PROTOCOL_NAME).cnf !IFDEF PYTHON - $(PYTHON) ../../tools/asn2eth.py -X -e -p $(PROTOCOL_NAME) -c $(PROTOCOL_NAME).cnf -s packet-$(PROTOCOL_NAME)-template H235-SECURITY-MESSAGES.asn + $(PYTHON) ../../tools/asn2eth.py -e -p $(PROTOCOL_NAME) -c $(PROTOCOL_NAME).cnf -s packet-$(PROTOCOL_NAME)-template H235-SECURITY-MESSAGES.asn H235-SRTP.asn !ELSE @echo Error: You need Python to use asn2eth.py @exit 1 diff --git a/asn1/h235/h235-exp.cnf b/asn1/h235/h235-exp.cnf index c5bc2a4aec..d9864d3f0a 100644 --- a/asn1/h235/h235-exp.cnf +++ b/asn1/h235/h235-exp.cnf @@ -1,3 +1,13 @@ +# Do not modify this file. +# It is created automatically by the ASN.1 to Ethereal dissector compiler +# .\h235-exp.cnf +# ../../tools/asn2eth.py -e -p h235 -c h235.cnf -s packet-h235-template H235-SECURITY-MESSAGES.asn H235-SRTP.asn + +#.MODULE +H235-SECURITY-MESSAGES h235 +H235-SRTP h235 +#.END + #.TYPE_ATTR TimeStamp TYPE = FT_ABSOLUTE_TIME DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0 AuthenticationMechanism TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = VALS(h235_AuthenticationMechanism_vals) BITMASK = 0 @@ -6,5 +16,7 @@ SIGNEDxxx TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL ENCRYPTEDxxx TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0 HASHEDxxx TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0 CryptoToken TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = VALS(h235_CryptoToken_vals) BITMASK = 0 +SrtpCryptoCapability TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = NULL BITMASK = 0 +SrtpKeys TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = NULL BITMASK = 0 #.END 
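Review bot: The asn2eth.py command in the `$(DISSECTOR_FILES)` rule loses its `-X` option, and nothing in the Makefile or the commit message says why; because that presumably changes what the compiler generates, a comment above the command or a sentence in the commit message should record the reason. The prerequisite list gains `H235-SRTP.asn` but not `../h225/h225-exp.cnf`, which h235.cnf starts to `#.INCLUDE` in this same commit, so a change to that export file would not trigger regeneration; adding it to the prerequisites would fix that. Only Makefile.nmake appears in the diffstat for this directory, so any non-nmake Makefile here would still build from H235-SECURITY-MESSAGES.asn alone, which is worth checking. The rule continues past the end of the hunk.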
diff --git a/asn1/h235/h235.cnf b/asn1/h235/h235.cnf index 88abce10d9..3eccc7173a 100644 --- a/asn1/h235/h235.cnf +++ b/asn1/h235/h235.cnf @@ -4,6 +4,8 @@ # $Id$ +#.INCLUDE ../h225/h225-exp.cnf + #.EXPORTS SIGNEDxxx @@ -14,6 +16,9 @@ ClearToken CryptoToken AuthenticationMechanism +SrtpCryptoCapability +SrtpKeys + #.OMIT_ASSIGNMENT ECGDSASignature diff --git a/asn1/h235/packet-h235-template.c b/asn1/h235/packet-h235-template.c index e57458401b..faea4c4e28 100644 --- a/asn1/h235/packet-h235-template.c +++ b/asn1/h235/packet-h235-template.c @@ -36,6 +36,7 @@ #include "packet-per.h" #include "packet-h235.h" +#include "packet-h225.h" #define PNAME "H235-SECURITY-MESSAGES" #define PSNAME "H.235" |
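Review bot: The new `#.INCLUDE ../h225/h225-exp.cnf` in the first h235.cnf hunk makes generating this dissector depend on a file produced by the h225 build, and the reason is not recorded; it appears to be needed only for `GenericData`, which H235-SRTP.asn imports from H323-MESSAGES. A comment above the include, e.g. `# h225 exports are needed for GenericData, imported by H235-SRTP.asn`, would make that clear, and the same goes for `#include "packet-h225.h"` in the packet-h235-template.c hunk. If the h225 conformance file in turn includes `h235-exp.cnf` (not visible here), the two directories need each other's generated output, so both export files would have to stay checked in for a clean tree to regenerate.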