1 /* Do not modify this file. */
2 /* It is created automatically by the ASN.1 to Wireshark dissector compiler */
4 /* ../../tools/asn2wrs.py -b -p pkinit -c ./pkinit.cnf -s ./packet-pkinit-template -D . PKINIT.asn */
6 /* Input file: packet-pkinit-template.c */
8 #line 1 "packet-pkinit-template.c"
10 * Routines for PKINIT packet dissection
11 * Ronnie Sahlberg 2004
15 * Wireshark - Network traffic analyzer
16 * By Gerald Combs <gerald@wireshark.org>
17 * Copyright 1998 Gerald Combs
19 * This program is free software; you can redistribute it and/or
20 * modify it under the terms of the GNU General Public License
21 * as published by the Free Software Foundation; either version 2
22 * of the License, or (at your option) any later version.
24 * This program is distributed in the hope that it will be useful,
25 * but WITHOUT ANY WARRANTY; without even the implied warranty of
26 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
27 * GNU General Public License for more details.
29 * You should have received a copy of the GNU General Public License
30 * along with this program; if not, write to the Free Software
31 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
39 #include <epan/packet.h>
40 #include <epan/asn1.h>
42 #include "packet-ber.h"
43 #include "packet-pkinit.h"
44 #include "packet-cms.h"
45 #include "packet-pkix1explicit.h"
46 #include "packet-kerberos.h"
48 #define PNAME "PKINIT"
49 #define PSNAME "PKInit"
50 #define PFNAME "pkinit"
52 /* Initialize the protocol and registered fields */
53 static int proto_pkinit = -1;
55 /*--- Included file: packet-pkinit-hf.c ---*/
56 #line 1 "packet-pkinit-hf.c"
57 static int hf_pkinit_AuthPack_PDU = -1; /* AuthPack */
58 static int hf_pkinit_KDCDHKeyInfo_PDU = -1; /* KDCDHKeyInfo */
59 static int hf_pkinit_signedAuthPack = -1; /* ContentInfo */
60 static int hf_pkinit_trustedCertifiers = -1; /* SEQUENCE_OF_TrustedCA */
61 static int hf_pkinit_trustedCertifiers_item = -1; /* TrustedCA */
62 static int hf_pkinit_kdcCert = -1; /* IssuerAndSerialNumber */
63 static int hf_pkinit_caName = -1; /* Name */
64 static int hf_pkinit_issuerAndSerial = -1; /* IssuerAndSerialNumber */
65 static int hf_pkinit_pkAuthenticator = -1; /* PKAuthenticator */
66 static int hf_pkinit_clientPublicValue = -1; /* SubjectPublicKeyInfo */
67 static int hf_pkinit_supportedCMSTypes = -1; /* SEQUENCE_OF_AlgorithmIdentifier */
68 static int hf_pkinit_supportedCMSTypes_item = -1; /* AlgorithmIdentifier */
69 static int hf_pkinit_cusec = -1; /* INTEGER */
70 static int hf_pkinit_ctime = -1; /* KerberosTime */
71 static int hf_pkinit_paNonce = -1; /* INTEGER_0_4294967295 */
72 static int hf_pkinit_paChecksum = -1; /* Checksum */
73 static int hf_pkinit_dhSignedData = -1; /* ContentInfo */
74 static int hf_pkinit_encKeyPack = -1; /* ContentInfo */
75 static int hf_pkinit_subjectPublicKey = -1; /* BIT_STRING */
76 static int hf_pkinit_dhNonce = -1; /* INTEGER */
77 static int hf_pkinit_dhKeyExpiration = -1; /* KerberosTime */
79 /*--- End of included file: packet-pkinit-hf.c ---*/
80 #line 47 "packet-pkinit-template.c"
82 /* Initialize the subtree pointers */
84 /*--- Included file: packet-pkinit-ett.c ---*/
85 #line 1 "packet-pkinit-ett.c"
86 static gint ett_pkinit_PaPkAsReq = -1;
87 static gint ett_pkinit_SEQUENCE_OF_TrustedCA = -1;
88 static gint ett_pkinit_TrustedCA = -1;
89 static gint ett_pkinit_AuthPack = -1;
90 static gint ett_pkinit_SEQUENCE_OF_AlgorithmIdentifier = -1;
91 static gint ett_pkinit_PKAuthenticator = -1;
92 static gint ett_pkinit_PaPkAsRep = -1;
93 static gint ett_pkinit_KDCDHKeyInfo = -1;
95 /*--- End of included file: packet-pkinit-ett.c ---*/
96 #line 50 "packet-pkinit-template.c"
98 static int dissect_KerberosV5Spec2_KerberosTime(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_);
99 static int dissect_KerberosV5Spec2_Checksum(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_);
102 /*--- Included file: packet-pkinit-fn.c ---*/
103 #line 1 "packet-pkinit-fn.c"
105 static const value_string pkinit_TrustedCA_vals[] = {
107 { 2, "issuerAndSerial" },
111 static const ber_choice_t TrustedCA_choice[] = {
112 { 0, &hf_pkinit_caName , BER_CLASS_CON, 0, 0, dissect_pkix1explicit_Name },
113 { 2, &hf_pkinit_issuerAndSerial, BER_CLASS_CON, 2, 0, dissect_cms_IssuerAndSerialNumber },
114 { 0, NULL, 0, 0, 0, NULL }
118 dissect_pkinit_TrustedCA(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
119 offset = dissect_ber_choice(actx, tree, tvb, offset,
120 TrustedCA_choice, hf_index, ett_pkinit_TrustedCA,
127 static const ber_sequence_t SEQUENCE_OF_TrustedCA_sequence_of[1] = {
128 { &hf_pkinit_trustedCertifiers_item, BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_pkinit_TrustedCA },
132 dissect_pkinit_SEQUENCE_OF_TrustedCA(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
133 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
134 SEQUENCE_OF_TrustedCA_sequence_of, hf_index, ett_pkinit_SEQUENCE_OF_TrustedCA);
140 static const ber_sequence_t PaPkAsReq_sequence[] = {
141 { &hf_pkinit_signedAuthPack, BER_CLASS_CON, 0, 0, dissect_cms_ContentInfo },
142 { &hf_pkinit_trustedCertifiers, BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_pkinit_SEQUENCE_OF_TrustedCA },
143 { &hf_pkinit_kdcCert , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_cms_IssuerAndSerialNumber },
144 { NULL, 0, 0, 0, NULL }
148 dissect_pkinit_PaPkAsReq(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
149 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
150 PaPkAsReq_sequence, hf_index, ett_pkinit_PaPkAsReq);
158 dissect_pkinit_INTEGER(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
159 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
168 dissect_pkinit_INTEGER_0_4294967295(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
169 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
176 static const ber_sequence_t PKAuthenticator_sequence[] = {
177 { &hf_pkinit_cusec , BER_CLASS_CON, 0, 0, dissect_pkinit_INTEGER },
178 { &hf_pkinit_ctime , BER_CLASS_CON, 1, 0, dissect_KerberosV5Spec2_KerberosTime },
179 { &hf_pkinit_paNonce , BER_CLASS_CON, 2, 0, dissect_pkinit_INTEGER_0_4294967295 },
180 { &hf_pkinit_paChecksum , BER_CLASS_CON, 3, 0, dissect_KerberosV5Spec2_Checksum },
181 { NULL, 0, 0, 0, NULL }
185 dissect_pkinit_PKAuthenticator(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
186 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
187 PKAuthenticator_sequence, hf_index, ett_pkinit_PKAuthenticator);
193 static const ber_sequence_t SEQUENCE_OF_AlgorithmIdentifier_sequence_of[1] = {
194 { &hf_pkinit_supportedCMSTypes_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_pkix1explicit_AlgorithmIdentifier },
198 dissect_pkinit_SEQUENCE_OF_AlgorithmIdentifier(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
199 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
200 SEQUENCE_OF_AlgorithmIdentifier_sequence_of, hf_index, ett_pkinit_SEQUENCE_OF_AlgorithmIdentifier);
206 static const ber_sequence_t AuthPack_sequence[] = {
207 { &hf_pkinit_pkAuthenticator, BER_CLASS_CON, 0, 0, dissect_pkinit_PKAuthenticator },
208 { &hf_pkinit_clientPublicValue, BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_pkix1explicit_SubjectPublicKeyInfo },
209 { &hf_pkinit_supportedCMSTypes, BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_pkinit_SEQUENCE_OF_AlgorithmIdentifier },
210 { NULL, 0, 0, 0, NULL }
214 dissect_pkinit_AuthPack(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
215 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
216 AuthPack_sequence, hf_index, ett_pkinit_AuthPack);
222 const value_string pkinit_PaPkAsRep_vals[] = {
223 { 0, "dhSignedData" },
228 static const ber_choice_t PaPkAsRep_choice[] = {
229 { 0, &hf_pkinit_dhSignedData , BER_CLASS_CON, 0, 0, dissect_cms_ContentInfo },
230 { 1, &hf_pkinit_encKeyPack , BER_CLASS_CON, 1, 0, dissect_cms_ContentInfo },
231 { 0, NULL, 0, 0, 0, NULL }
235 dissect_pkinit_PaPkAsRep(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
236 offset = dissect_ber_choice(actx, tree, tvb, offset,
237 PaPkAsRep_choice, hf_index, ett_pkinit_PaPkAsRep,
246 dissect_pkinit_BIT_STRING(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
247 offset = dissect_ber_bitstring(implicit_tag, actx, tree, tvb, offset,
255 static const ber_sequence_t KDCDHKeyInfo_sequence[] = {
256 { &hf_pkinit_subjectPublicKey, BER_CLASS_CON, 0, 0, dissect_pkinit_BIT_STRING },
257 { &hf_pkinit_dhNonce , BER_CLASS_CON, 1, 0, dissect_pkinit_INTEGER },
258 { &hf_pkinit_dhKeyExpiration, BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_KerberosV5Spec2_KerberosTime },
259 { NULL, 0, 0, 0, NULL }
263 dissect_pkinit_KDCDHKeyInfo(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
264 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
265 KDCDHKeyInfo_sequence, hf_index, ett_pkinit_KDCDHKeyInfo);
272 static void dissect_AuthPack_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) {
274 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
275 dissect_pkinit_AuthPack(FALSE, tvb, 0, &asn1_ctx, tree, hf_pkinit_AuthPack_PDU);
277 static void dissect_KDCDHKeyInfo_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) {
279 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
280 dissect_pkinit_KDCDHKeyInfo(FALSE, tvb, 0, &asn1_ctx, tree, hf_pkinit_KDCDHKeyInfo_PDU);
284 /*--- End of included file: packet-pkinit-fn.c ---*/
285 #line 55 "packet-pkinit-template.c"
288 dissect_pkinit_PA_PK_AS_REQ(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_) {
289 offset = dissect_pkinit_PaPkAsReq(FALSE, tvb, offset, actx, tree, -1);
294 dissect_pkinit_PA_PK_AS_REP(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_) {
295 offset = dissect_pkinit_PaPkAsRep(FALSE, tvb, offset, actx, tree, -1);
300 dissect_KerberosV5Spec2_KerberosTime(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_) {
301 offset = dissect_krb5_ctime(tree, tvb, offset, actx);
306 dissect_KerberosV5Spec2_Checksum(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_) {
307 offset = dissect_krb5_Checksum(tree, tvb, offset, actx);
312 /*--- proto_register_pkinit ----------------------------------------------*/
313 void proto_register_pkinit(void) {
316 static hf_register_info hf[] = {
318 /*--- Included file: packet-pkinit-hfarr.c ---*/
319 #line 1 "packet-pkinit-hfarr.c"
320 { &hf_pkinit_AuthPack_PDU,
321 { "AuthPack", "pkinit.AuthPack",
322 FT_NONE, BASE_NONE, NULL, 0,
324 { &hf_pkinit_KDCDHKeyInfo_PDU,
325 { "KDCDHKeyInfo", "pkinit.KDCDHKeyInfo",
326 FT_NONE, BASE_NONE, NULL, 0,
328 { &hf_pkinit_signedAuthPack,
329 { "signedAuthPack", "pkinit.signedAuthPack",
330 FT_NONE, BASE_NONE, NULL, 0,
331 "ContentInfo", HFILL }},
332 { &hf_pkinit_trustedCertifiers,
333 { "trustedCertifiers", "pkinit.trustedCertifiers",
334 FT_UINT32, BASE_DEC, NULL, 0,
335 "SEQUENCE_OF_TrustedCA", HFILL }},
336 { &hf_pkinit_trustedCertifiers_item,
337 { "TrustedCA", "pkinit.TrustedCA",
338 FT_UINT32, BASE_DEC, VALS(pkinit_TrustedCA_vals), 0,
340 { &hf_pkinit_kdcCert,
341 { "kdcCert", "pkinit.kdcCert",
342 FT_NONE, BASE_NONE, NULL, 0,
343 "IssuerAndSerialNumber", HFILL }},
345 { "caName", "pkinit.caName",
346 FT_UINT32, BASE_DEC, NULL, 0,
348 { &hf_pkinit_issuerAndSerial,
349 { "issuerAndSerial", "pkinit.issuerAndSerial",
350 FT_NONE, BASE_NONE, NULL, 0,
351 "IssuerAndSerialNumber", HFILL }},
352 { &hf_pkinit_pkAuthenticator,
353 { "pkAuthenticator", "pkinit.pkAuthenticator",
354 FT_NONE, BASE_NONE, NULL, 0,
356 { &hf_pkinit_clientPublicValue,
357 { "clientPublicValue", "pkinit.clientPublicValue",
358 FT_NONE, BASE_NONE, NULL, 0,
359 "SubjectPublicKeyInfo", HFILL }},
360 { &hf_pkinit_supportedCMSTypes,
361 { "supportedCMSTypes", "pkinit.supportedCMSTypes",
362 FT_UINT32, BASE_DEC, NULL, 0,
363 "SEQUENCE_OF_AlgorithmIdentifier", HFILL }},
364 { &hf_pkinit_supportedCMSTypes_item,
365 { "AlgorithmIdentifier", "pkinit.AlgorithmIdentifier",
366 FT_NONE, BASE_NONE, NULL, 0,
369 { "cusec", "pkinit.cusec",
370 FT_INT32, BASE_DEC, NULL, 0,
373 { "ctime", "pkinit.ctime",
374 FT_NONE, BASE_NONE, NULL, 0,
375 "KerberosTime", HFILL }},
376 { &hf_pkinit_paNonce,
377 { "nonce", "pkinit.nonce",
378 FT_UINT32, BASE_DEC, NULL, 0,
379 "INTEGER_0_4294967295", HFILL }},
380 { &hf_pkinit_paChecksum,
381 { "paChecksum", "pkinit.paChecksum",
382 FT_NONE, BASE_NONE, NULL, 0,
383 "Checksum", HFILL }},
384 { &hf_pkinit_dhSignedData,
385 { "dhSignedData", "pkinit.dhSignedData",
386 FT_NONE, BASE_NONE, NULL, 0,
387 "ContentInfo", HFILL }},
388 { &hf_pkinit_encKeyPack,
389 { "encKeyPack", "pkinit.encKeyPack",
390 FT_NONE, BASE_NONE, NULL, 0,
391 "ContentInfo", HFILL }},
392 { &hf_pkinit_subjectPublicKey,
393 { "subjectPublicKey", "pkinit.subjectPublicKey",
394 FT_BYTES, BASE_NONE, NULL, 0,
395 "BIT_STRING", HFILL }},
396 { &hf_pkinit_dhNonce,
397 { "nonce", "pkinit.nonce",
398 FT_INT32, BASE_DEC, NULL, 0,
400 { &hf_pkinit_dhKeyExpiration,
401 { "dhKeyExpiration", "pkinit.dhKeyExpiration",
402 FT_NONE, BASE_NONE, NULL, 0,
403 "KerberosTime", HFILL }},
405 /*--- End of included file: packet-pkinit-hfarr.c ---*/
406 #line 87 "packet-pkinit-template.c"
409 /* List of subtrees */
410 static gint *ett[] = {
412 /*--- Included file: packet-pkinit-ettarr.c ---*/
413 #line 1 "packet-pkinit-ettarr.c"
414 &ett_pkinit_PaPkAsReq,
415 &ett_pkinit_SEQUENCE_OF_TrustedCA,
416 &ett_pkinit_TrustedCA,
417 &ett_pkinit_AuthPack,
418 &ett_pkinit_SEQUENCE_OF_AlgorithmIdentifier,
419 &ett_pkinit_PKAuthenticator,
420 &ett_pkinit_PaPkAsRep,
421 &ett_pkinit_KDCDHKeyInfo,
423 /*--- End of included file: packet-pkinit-ettarr.c ---*/
424 #line 92 "packet-pkinit-template.c"
427 /* Register protocol */
428 proto_pkinit = proto_register_protocol(PNAME, PSNAME, PFNAME);
430 /* Register fields and subtrees */
431 proto_register_field_array(proto_pkinit, hf, array_length(hf));
432 proto_register_subtree_array(ett, array_length(ett));
437 /*--- proto_reg_handoff_pkinit -------------------------------------------*/
438 void proto_reg_handoff_pkinit(void) {
440 /*--- Included file: packet-pkinit-dis-tab.c ---*/
441 #line 1 "packet-pkinit-dis-tab.c"
442 register_ber_oid_dissector("1.3.6.1.5.2.3.1", dissect_AuthPack_PDU, proto_pkinit, "id-pkauthdata");
443 register_ber_oid_dissector("1.3.6.1.5.2.3.2", dissect_KDCDHKeyInfo_PDU, proto_pkinit, "id-pkdhkeydata");
446 /*--- End of included file: packet-pkinit-dis-tab.c ---*/
447 #line 107 "packet-pkinit-template.c"