2 * Routines for PKCS#12: Personal Information Exchange packet dissection
7 * Wireshark - Network traffic analyzer
8 * By Gerald Combs <gerald@wireshark.org>
9 * Copyright 1998 Gerald Combs
11 * This program is free software; you can redistribute it and/or
12 * modify it under the terms of the GNU General Public License
13 * as published by the Free Software Foundation; either version 2
14 * of the License, or (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
31 #include <epan/packet.h>
32 #include <epan/conversation.h>
33 #include <epan/oid_resolv.h>
34 #include <epan/asn1.h>
39 #include "packet-ber.h"
40 #include "packet-pkcs12.h"
41 #include "packet-x509af.h"
42 #include "packet-x509if.h"
43 #include "packet-cms.h"
45 #define PNAME "PKCS#12: Personal Information Exchange"
46 #define PSNAME "PKCS12"
47 #define PFNAME "pkcs12"
49 /* Initialize the protocol and registered fields */
/* Protocol handle: -1 until proto_register_pkcs12() stores the value
 * returned by proto_register_protocol(). */
50 int proto_pkcs12 = -1;
/* OID string kept at file scope; NULL until something assigns it.
 * NOTE(review): the code that sets it is not in this listing (presumably the
 * generated packet-pkcs12-fn.c) - confirm it is reset for every PDU so an OID
 * left over from an earlier packet or file is never reused. */
52 static const char *object_identifier_id = NULL;
/* Forward declarations: both wrappers are defined further down, after the
 * generated packet-pkcs12-fn.c has been included. */
55 static void dissect_AuthenticatedSafe_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);
56 static void dissect_SafeContents_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);
58 #include "packet-pkcs12-hf.c"
60 /* Initialize the subtree pointers */
61 #include "packet-pkcs12-ett.c"
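/*
 * Append an object identifier, in parentheses, to the label of a tree item.
 *
 * tree - item whose text is extended (handed to proto_item_append_text()).
 * oid  - dotted OID string; the resolved name is shown when
 *        get_oid_str_name() knows one, the raw string otherwise.
 *
 * Nothing is appended when oid is NULL.
 */
static void append_oid(proto_tree *tree, const char *oid)
{
  const char *name;

  /* The OID comes from parsed file content and the file-scope
   * object_identifier_id starts out NULL, so never hand NULL to "%s". */
  if (oid == NULL)
    return;

  /* NULL when the resolver has no name for this OID. */
  name = get_oid_str_name(oid);

  /* "%s", not "%%s": the doubled percent sign printed a literal "%s" and
   * silently discarded the name/OID argument. */
  proto_item_append_text(tree, " (%s)", name ? name : oid);
}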
71 #include "packet-pkcs12-fn.c"
/*
 * Step over the BER OCTET STRING header that wraps the content, so the caller
 * can dissect the payload behind it.
 *
 * Reads the identifier octets at offset 0 of tvb and the length octets after
 * them, then tests for a universal-class OCTET STRING tag. A
 * "BER Error: OCTET STRING expected" item is added to tree for the error case.
 *
 * NOTE(review): the local declarations, the braces and the return statements
 * of this function are missing from this listing. Both callers treat a result
 * greater than 0 as the payload offset - confirm the exact return values
 * against the full source.
 */
73 static int strip_octet_string(tvbuff_t *tvb, proto_tree *tree)
81 /* PKCS#7 encodes the content as OCTET STRING, whereas CMS is just an ANY */
82 /* if we use CMS (rather than PKCS#7) - which we are - we need to strip the OCTET STRING tag */
83 /* before proceeding */
/* Identifier first (class, primitive/constructed flag, tag), then the length
 * octets that start where the identifier ended. */
85 offset = get_ber_identifier(tvb, 0, &class, &pc, &tag);
/* NOTE(review): len and ind come straight from untrusted file data and are
 * not compared with the bytes remaining in tvb in the visible lines; confirm
 * that the dissectors called with the returned offset bound their own reads. */
86 offset = get_ber_length(NULL, tvb, offset, &len, &ind);
/* NOTE(review): the statement controlled by this if (gutter line 89) is not
 * in the listing; the error item below is presumably the fall-through path
 * for a tag that does not match, not the body of the if. */
88 if((class == BER_CLASS_UNI) && (tag == BER_UNI_TAG_OCTETSTRING))
/* The error item is attached to the first byte of tvb only (offset 0, length 1). */
91 proto_tree_add_text(tree, tvb, 0, 1, "BER Error: OCTET STRING expected");
/*
 * Dissect an AuthenticatedSafe that arrives wrapped in an OCTET STRING.
 *
 * Initialises a BER ASN.1 context for pinfo, strips the OCTET STRING header
 * with strip_octet_string() and, only when that returns an offset greater
 * than 0, passes tvb from that offset to dissect_pkcs12_AuthenticatedSafe().
 * When the header check fails, nothing further is dissected here.
 *
 * NOTE(review): the declarations of offset and asn1_ctx and the closing brace
 * are missing from this listing.
 */
97 static void dissect_AuthenticatedSafe_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
100 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
/* A result of 0 from strip_octet_string() skips the nested dissection. */
102 if((offset = strip_octet_string(tvb, tree)) > 0)
103 dissect_pkcs12_AuthenticatedSafe(FALSE, tvb, offset, &asn1_ctx, tree, hf_pkcs12_AuthenticatedSafe_PDU);
/*
 * Dissect a SafeContents that arrives wrapped in an OCTET STRING.
 *
 * Initialises a BER ASN.1 context for pinfo, strips the OCTET STRING header
 * with strip_octet_string() and, only when that returns an offset greater
 * than 0, passes tvb from that offset to dissect_pkcs12_SafeContents().
 *
 * NOTE(review): the opening brace, the declarations of offset and asn1_ctx
 * and the closing brace are missing from this listing.
 */
106 static void dissect_SafeContents_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
110 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
/* A result of 0 from strip_octet_string() skips the nested dissection. */
112 if((offset = strip_octet_string(tvb, tree)) > 0)
113 dissect_pkcs12_SafeContents(FALSE, tvb, offset, &asn1_ctx, tree, hf_pkcs12_SafeContents_PDU);
/*
 * Decryption helper for encrypted PKCS#12 content.
 *
 * NOTE(review): only part of the parameter list and a single body line
 * survive in this listing, so the roles below are inferred from the names -
 * confirm against the full source.
 *   encrypted_data - tvb that presumably holds the ciphertext
 *   cipher         - GnuTLS cipher selector; its only visible use is the
 *                    key-size lookup
 *   salt, iv       - each passed as a gnutls_datum_t plus a separate size
 *   decrypted_data - out parameter, presumably receives the plaintext tvb
 *
 * NOTE(review): gnu_tls_ciper_algorithm and tvb_buff_t do not match the usual
 * GnuTLS / Wireshark type names (gnutls_cipher_algorithm_t, tvbuff_t); this
 * looks like unfinished code - check whether it is compiled at all.
 *
 * NOTE(review): gnutls_datum_t already carries its own size field. With
 * salt_size and iv_size passed separately, confirm the two values are
 * reconciled before any copy, so a length read from the file can never exceed
 * the buffer it describes.
 */
117 static int decrypt_data(tvbuff_t *encrypted_data,
119 gnu_tls_ciper_algorithm cipher,
122 gnutls_datum_t *salt, size_t salt_size,
123 gnutls_datum_t *iv, size_t iv_size,
125 tvb_buff_t **decrypted_data)
/* Key length in bytes for the selected cipher, as reported by GnuTLS. */
132 key_size = gnutls_cipher_get_key_size(cipher);
139 /*--- proto_register_pkcs12 ----------------------------------------------*/
/*
 * Register the PKCS#12 protocol, its header fields and subtrees, and bind the
 * "PKCS#12" BER syntax to the top-level PFX dissector.
 *
 * NOTE(review): the closing braces of the two arrays and of the function are
 * missing from this listing.
 */
140 void proto_register_pkcs12(void) {
/* Header-field table; its entries are generated into packet-pkcs12-hfarr.c. */
143 static hf_register_info hf[] = {
145 #include "packet-pkcs12-hfarr.c"
148 /* List of subtrees */
149 static gint *ett[] = {
150 #include "packet-pkcs12-ettarr.c"
153 /* Register protocol */
154 proto_pkcs12 = proto_register_protocol(PNAME, PSNAME, PFNAME);
156 /* Register fields and subtrees */
157 proto_register_field_array(proto_pkcs12, hf, array_length(hf));
158 proto_register_subtree_array(ett, array_length(ett));
/* Bind the "PKCS#12" BER syntax to dissect_PFX_PDU and map the .p12 and .pfx
 * names onto that syntax.
 * NOTE(review): dissect_PFX_PDU is not defined in the visible lines
 * (presumably generated into packet-pkcs12-fn.c). Content routed here is
 * untrusted file data, so every length and offset derived from it has to be
 * bounded in that dissector. */
160 register_ber_syntax_dissector("PKCS#12", proto_pkcs12, dissect_PFX_PDU);
161 register_ber_oid_syntax(".p12", NULL, "PKCS#12");
162 register_ber_oid_syntax(".pfx", NULL, "PKCS#12");
166 /*--- proto_reg_handoff_pkcs12 -------------------------------------------*/
/*
 * Handoff registration for PKCS#12. The visible body consists solely of the
 * generated packet-pkcs12-dis-tab.c include, so the registrations it performs
 * cannot be described from this listing.
 *
 * NOTE(review): the closing brace is missing from this listing.
 */
167 void proto_reg_handoff_pkcs12(void) {
168 #include "packet-pkcs12-dis-tab.c"