1 /* Do not modify this file. Changes will be overwritten. */
2 /* Generated automatically by the ASN.1 to Wireshark dissector compiler */
4 /* ../../tools/asn2wrs.py -b -p pkcs12 -c ./pkcs12.cnf -s ./packet-pkcs12-template -D . -O ../../epan/dissectors pkcs12.asn */
6 /* Input file: packet-pkcs12-template.c */
8 #line 1 "../../asn1/pkcs12/packet-pkcs12-template.c"
10 * Routines for PKCS#12: Personal Information Exchange packet dissection
15 * Wireshark - Network traffic analyzer
16 * By Gerald Combs <gerald@wireshark.org>
17 * Copyright 1998 Gerald Combs
19 * This program is free software; you can redistribute it and/or
20 * modify it under the terms of the GNU General Public License
21 * as published by the Free Software Foundation; either version 2
22 * of the License, or (at your option) any later version.
24 * This program is distributed in the hope that it will be useful,
25 * but WITHOUT ANY WARRANTY; without even the implied warranty of
26 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
27 * GNU General Public License for more details.
29 * You should have received a copy of the GNU General Public License
30 * along with this program; if not, write to the Free Software
31 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
37 #include <epan/packet.h>
38 #include <epan/oids.h>
39 #include <epan/asn1.h>
40 #include <epan/prefs.h>
42 #include "packet-ber.h"
43 #include "packet-pkcs12.h"
44 #include "packet-x509af.h"
45 #include "packet-x509if.h"
46 #include "packet-cms.h"
48 #ifdef HAVE_SYS_TYPES_H
49 #include <sys/types.h>
52 #ifdef HAVE_SYS_TIME_H
57 #include <wsutil/wsgcrypt.h>
60 #define PNAME "PKCS#12: Personal Information Exchange"
61 #define PSNAME "PKCS12"
62 #define PFNAME "pkcs12"
64 #define PKCS12_PBE_ARCFOUR_SHA1_OID "1.2.840.113549.1.12.1.1"
65 #define PKCS12_PBE_3DES_SHA1_OID "1.2.840.113549.1.12.1.3"
66 #define PKCS12_PBE_RC2_40_SHA1_OID "1.2.840.113549.1.12.1.6"
68 void proto_register_pkcs12(void);
69 void proto_reg_handoff_pkcs12(void);
71 /* Initialize the protocol and registered fields */
72 static int proto_pkcs12 = -1;
74 static int hf_pkcs12_X509Certificate_PDU = -1;
75 static gint ett_decrypted_pbe = -1;
77 static const char *object_identifier_id = NULL;
78 static int iteration_count = 0;
79 static tvbuff_t *salt = NULL;
80 static const char *password = NULL;
81 static gboolean try_null_password = FALSE;
83 static void dissect_AuthenticatedSafe_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);
84 static void dissect_SafeContents_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);
85 static void dissect_PrivateKeyInfo_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);
88 /*--- Included file: packet-pkcs12-hf.c ---*/
89 #line 1 "../../asn1/pkcs12/packet-pkcs12-hf.c"
90 static int hf_pkcs12_PFX_PDU = -1; /* PFX */
91 static int hf_pkcs12_AuthenticatedSafe_PDU = -1; /* AuthenticatedSafe */
92 static int hf_pkcs12_SafeContents_PDU = -1; /* SafeContents */
93 static int hf_pkcs12_KeyBag_PDU = -1; /* KeyBag */
94 static int hf_pkcs12_PKCS8ShroudedKeyBag_PDU = -1; /* PKCS8ShroudedKeyBag */
95 static int hf_pkcs12_CertBag_PDU = -1; /* CertBag */
96 static int hf_pkcs12_CRLBag_PDU = -1; /* CRLBag */
97 static int hf_pkcs12_SecretBag_PDU = -1; /* SecretBag */
98 static int hf_pkcs12_PrivateKeyInfo_PDU = -1; /* PrivateKeyInfo */
99 static int hf_pkcs12_EncryptedPrivateKeyInfo_PDU = -1; /* EncryptedPrivateKeyInfo */
100 static int hf_pkcs12_PBEParameter_PDU = -1; /* PBEParameter */
101 static int hf_pkcs12_PBKDF2Params_PDU = -1; /* PBKDF2Params */
102 static int hf_pkcs12_PBES2Params_PDU = -1; /* PBES2Params */
103 static int hf_pkcs12_PBMAC1Params_PDU = -1; /* PBMAC1Params */
104 static int hf_pkcs12_version = -1; /* T_version */
105 static int hf_pkcs12_authSafe = -1; /* ContentInfo */
106 static int hf_pkcs12_macData = -1; /* MacData */
107 static int hf_pkcs12_mac = -1; /* DigestInfo */
108 static int hf_pkcs12_macSalt = -1; /* OCTET_STRING */
109 static int hf_pkcs12_iterations = -1; /* INTEGER */
110 static int hf_pkcs12_digestAlgorithm = -1; /* DigestAlgorithmIdentifier */
111 static int hf_pkcs12_digest = -1; /* Digest */
112 static int hf_pkcs12_AuthenticatedSafe_item = -1; /* ContentInfo */
113 static int hf_pkcs12_SafeContents_item = -1; /* SafeBag */
114 static int hf_pkcs12_bagId = -1; /* T_bagId */
115 static int hf_pkcs12_bagValue = -1; /* T_bagValue */
116 static int hf_pkcs12_bagAttributes = -1; /* SET_OF_PKCS12Attribute */
117 static int hf_pkcs12_bagAttributes_item = -1; /* PKCS12Attribute */
118 static int hf_pkcs12_certId = -1; /* T_certId */
119 static int hf_pkcs12_certValue = -1; /* T_certValue */
120 static int hf_pkcs12_crlId = -1; /* T_crlId */
121 static int hf_pkcs12_crlValue = -1; /* T_crlValue */
122 static int hf_pkcs12_secretTypeId = -1; /* T_secretTypeId */
123 static int hf_pkcs12_secretValue = -1; /* T_secretValue */
124 static int hf_pkcs12_attrId = -1; /* T_attrId */
125 static int hf_pkcs12_attrValues = -1; /* T_attrValues */
126 static int hf_pkcs12_attrValues_item = -1; /* T_attrValues_item */
127 static int hf_pkcs12_privateKeyVersion = -1; /* Version */
128 static int hf_pkcs12_privateKeyAlgorithm = -1; /* AlgorithmIdentifier */
129 static int hf_pkcs12_privateKey = -1; /* PrivateKey */
130 static int hf_pkcs12_attributes = -1; /* Attributes */
131 static int hf_pkcs12_Attributes_item = -1; /* Attribute */
132 static int hf_pkcs12_encryptionAlgorithm = -1; /* AlgorithmIdentifier */
133 static int hf_pkcs12_encryptedData = -1; /* EncryptedData */
134 static int hf_pkcs12_salt = -1; /* OCTET_STRING */
135 static int hf_pkcs12_iterationCount = -1; /* INTEGER */
136 static int hf_pkcs12_saltChoice = -1; /* T_saltChoice */
137 static int hf_pkcs12_specified = -1; /* OCTET_STRING */
138 static int hf_pkcs12_otherSource = -1; /* AlgorithmIdentifier */
139 static int hf_pkcs12_keyLength = -1; /* INTEGER_1_MAX */
140 static int hf_pkcs12_prf = -1; /* AlgorithmIdentifier */
141 static int hf_pkcs12_keyDerivationFunc = -1; /* AlgorithmIdentifier */
142 static int hf_pkcs12_encryptionScheme = -1; /* AlgorithmIdentifier */
143 static int hf_pkcs12_messageAuthScheme = -1; /* AlgorithmIdentifier */
145 /*--- End of included file: packet-pkcs12-hf.c ---*/
146 #line 80 "../../asn1/pkcs12/packet-pkcs12-template.c"
148 /* Initialize the subtree pointers */
150 /*--- Included file: packet-pkcs12-ett.c ---*/
151 #line 1 "../../asn1/pkcs12/packet-pkcs12-ett.c"
152 static gint ett_pkcs12_PFX = -1;
153 static gint ett_pkcs12_MacData = -1;
154 static gint ett_pkcs12_DigestInfo = -1;
155 static gint ett_pkcs12_AuthenticatedSafe = -1;
156 static gint ett_pkcs12_SafeContents = -1;
157 static gint ett_pkcs12_SafeBag = -1;
158 static gint ett_pkcs12_SET_OF_PKCS12Attribute = -1;
159 static gint ett_pkcs12_CertBag = -1;
160 static gint ett_pkcs12_CRLBag = -1;
161 static gint ett_pkcs12_SecretBag = -1;
162 static gint ett_pkcs12_PKCS12Attribute = -1;
163 static gint ett_pkcs12_T_attrValues = -1;
164 static gint ett_pkcs12_PrivateKeyInfo = -1;
165 static gint ett_pkcs12_Attributes = -1;
166 static gint ett_pkcs12_EncryptedPrivateKeyInfo = -1;
167 static gint ett_pkcs12_PBEParameter = -1;
168 static gint ett_pkcs12_PBKDF2Params = -1;
169 static gint ett_pkcs12_T_saltChoice = -1;
170 static gint ett_pkcs12_PBES2Params = -1;
171 static gint ett_pkcs12_PBMAC1Params = -1;
173 /*--- End of included file: packet-pkcs12-ett.c ---*/
174 #line 83 "../../asn1/pkcs12/packet-pkcs12-template.c"
176 static void append_oid(proto_tree *tree, const char *oid)
178 const char *name = NULL;
180 name = oid_resolved_from_string(oid);
181 proto_item_append_text(tree, " (%s)", name ? name : oid);
184 #ifdef HAVE_LIBGCRYPT
187 generate_key_or_iv(unsigned int id, tvbuff_t *salt_tvb, unsigned int iter,
188 const char *pw, unsigned int req_keylen, char * keybuf)
193 gcry_mpi_t num_b1 = NULL;
195 char hash[20], buf_b[64], buf_i[128], *p;
204 salt_size = tvb_length(salt_tvb);
205 salt_p = tvb_get_ephemeral_string(salt_tvb, 0, salt_size);
217 /* Store salt and password in BUF_I */
219 for (i = 0; i < 64; i++)
220 *p++ = salt_p[i % salt_size];
223 for (i = j = 0; i < 64; i += 2)
227 if (++j > pwlen) /* Note, that we include the trailing zero */
235 err = gcry_md_open(&md, GCRY_MD_SHA1, 0);
236 if (gcry_err_code(err)) {
239 for (i = 0; i < 64; i++) {
240 unsigned char lid = id & 0xFF;
241 gcry_md_write (md, &lid, 1);
244 gcry_md_write(md, buf_i, pw ? 128 : 64);
247 memcpy (hash, gcry_md_read (md, 0), 20);
251 for (i = 1; i < iter; i++)
252 gcry_md_hash_buffer (GCRY_MD_SHA1, hash, hash, 20);
254 for (i = 0; i < 20 && cur_keylen < req_keylen; i++)
255 keybuf[cur_keylen++] = hash[i];
257 if (cur_keylen == req_keylen) {
258 gcry_mpi_release (num_b1);
259 return TRUE; /* ready */
262 /* need more bytes. */
263 for (i = 0; i < 64; i++)
264 buf_b[i] = hash[i % 20];
268 rc = gcry_mpi_scan (&num_b1, GCRYMPI_FMT_USG, buf_b, n, &n);
274 gcry_mpi_add_ui (num_b1, num_b1, 1);
276 for (i = 0; i < 128; i += 64) {
280 rc = gcry_mpi_scan (&num_ij, GCRYMPI_FMT_USG, buf_i + i, n, &n);
286 gcry_mpi_add (num_ij, num_ij, num_b1);
287 gcry_mpi_clear_highbit (num_ij, 64 * 8);
291 rc = gcry_mpi_print (GCRYMPI_FMT_USG, buf_i + i, n, &n, num_ij);
296 gcry_mpi_release (num_ij);
303 void PBE_reset_parameters(void)
309 int PBE_decrypt_data(const char *object_identifier_id_param, tvbuff_t *encrypted_tvb, asn1_ctx_t *actx, proto_item *item)
311 #ifdef HAVE_LIBGCRYPT
312 const char *encryption_algorithm;
313 gcry_cipher_hd_t cipher;
322 char *clear_data = NULL;
323 tvbuff_t *clear_tvb = NULL;
324 const gchar *oidname;
328 gboolean decrypt_ok = TRUE;
330 if(((password == NULL) || (*password == '\0')) && (try_null_password == FALSE)) {
331 /* we are not configured to decrypt */
335 encryption_algorithm = x509af_get_last_algorithm_id();
337 /* these are the only encryption schemes we understand for now */
338 if(!strcmp(encryption_algorithm, PKCS12_PBE_3DES_SHA1_OID)) {
341 algo = GCRY_CIPHER_3DES;
342 mode = GCRY_CIPHER_MODE_CBC;
343 } else if(!strcmp(encryption_algorithm, PKCS12_PBE_ARCFOUR_SHA1_OID)) {
346 algo = GCRY_CIPHER_ARCFOUR;
347 mode = GCRY_CIPHER_MODE_NONE;
348 } else if(!strcmp(encryption_algorithm, PKCS12_PBE_RC2_40_SHA1_OID)) {
351 algo = GCRY_CIPHER_RFC2268_40;
352 mode = GCRY_CIPHER_MODE_CBC;
354 /* we don't know how to decrypt this */
356 proto_item_append_text(item, " [Unsupported encryption algorithm]");
360 if((iteration_count == 0) || (salt == NULL)) {
361 proto_item_append_text(item, " [Insufficient parameters]");
365 /* allocate buffers */
366 key = (char *)wmem_alloc(wmem_packet_scope(), keylen);
368 if(!generate_key_or_iv(1 /*LEY */, salt, iteration_count, password, keylen, key))
373 iv = (char *)wmem_alloc(wmem_packet_scope(), ivlen);
375 if(!generate_key_or_iv(2 /* IV */, salt, iteration_count, password, ivlen, iv))
379 /* now try an internal function */
380 err = gcry_cipher_open(&cipher, algo, mode, 0);
381 if (gcry_err_code (err))
384 err = gcry_cipher_setkey (cipher, key, keylen);
385 if (gcry_err_code (err)) {
386 gcry_cipher_close (cipher);
391 err = gcry_cipher_setiv (cipher, iv, ivlen);
392 if (gcry_err_code (err)) {
393 gcry_cipher_close (cipher);
398 datalen = tvb_length(encrypted_tvb);
399 clear_data = (char *)g_malloc(datalen);
401 err = gcry_cipher_decrypt (cipher, clear_data, datalen, tvb_get_ephemeral_string(encrypted_tvb, 0, datalen), datalen);
402 if (gcry_err_code (err)) {
404 proto_item_append_text(item, " [Failed to decrypt with password preference]");
406 gcry_cipher_close (cipher);
411 gcry_cipher_close (cipher);
413 /* We don't know if we have successfully decrypted the data or not so we:
414 a) check the trailing bytes
415 b) see if we start with a sequence or a set (is this too constraining?
418 /* first the trailing bytes */
419 byte = clear_data[datalen-1];
423 for(i = (int)byte; i > 0 ; i--) {
424 if(clear_data[datalen - i] != byte) {
430 /* XXX: is this a failure? */
433 /* we assume the result is ASN.1 - check it is a SET or SEQUENCE */
434 byte = clear_data[0];
435 if((byte != 0x30) && (byte != 0x31)) { /* do we need more here? OCTET STRING? */
441 proto_item_append_text(item, " [Failed to decrypt with supplied password]");
446 proto_item_append_text(item, " [Decrypted successfully]");
448 tree = proto_item_add_subtree(item, ett_decrypted_pbe);
450 /* OK - so now clear_data contains the decrypted data */
452 clear_tvb = tvb_new_child_real_data(encrypted_tvb,(const guint8 *)clear_data, datalen, datalen);
453 tvb_set_free_cb(clear_tvb, g_free);
455 name = g_string_new("");
456 oidname = oid_resolved_from_string(object_identifier_id_param);
457 g_string_printf(name, "Decrypted %s", oidname ? oidname : object_identifier_id_param);
459 /* add it as a new source */
460 add_new_data_source(actx->pinfo, clear_tvb, name->str);
462 g_string_free(name, TRUE);
464 /* now try and decode it */
465 call_ber_oid_callback(object_identifier_id_param, clear_tvb, 0, actx->pinfo, tree);
469 /* we cannot decrypt */
476 /*--- Included file: packet-pkcs12-fn.c ---*/
477 #line 1 "../../asn1/pkcs12/packet-pkcs12-fn.c"
479 static const value_string pkcs12_T_version_vals[] = {
486 dissect_pkcs12_T_version(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
487 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
494 static const ber_sequence_t DigestInfo_sequence[] = {
495 { &hf_pkcs12_digestAlgorithm, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_cms_DigestAlgorithmIdentifier },
496 { &hf_pkcs12_digest , BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_cms_Digest },
497 { NULL, 0, 0, 0, NULL }
501 dissect_pkcs12_DigestInfo(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
502 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
503 DigestInfo_sequence, hf_index, ett_pkcs12_DigestInfo);
511 dissect_pkcs12_OCTET_STRING(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
512 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
513 (hf_index == hf_pkcs12_salt ? &salt : NULL));
521 dissect_pkcs12_INTEGER(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
522 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
523 (hf_index == hf_pkcs12_iterationCount ? &iteration_count : NULL));
529 static const ber_sequence_t MacData_sequence[] = {
530 { &hf_pkcs12_mac , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_pkcs12_DigestInfo },
531 { &hf_pkcs12_macSalt , BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_pkcs12_OCTET_STRING },
532 { &hf_pkcs12_iterations , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_pkcs12_INTEGER },
533 { NULL, 0, 0, 0, NULL }
537 dissect_pkcs12_MacData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
538 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
539 MacData_sequence, hf_index, ett_pkcs12_MacData);
545 static const ber_sequence_t PFX_sequence[] = {
546 { &hf_pkcs12_version , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_pkcs12_T_version },
547 { &hf_pkcs12_authSafe , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_cms_ContentInfo },
548 { &hf_pkcs12_macData , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_pkcs12_MacData },
549 { NULL, 0, 0, 0, NULL }
553 dissect_pkcs12_PFX(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
554 #line 60 "../../asn1/pkcs12/pkcs12.cnf"
555 dissector_handle_t dissector_handle;
557 /* we change the CMS id-data dissector to dissect as AuthenticatedSafe
558 not sure why PKCS#12 couldn't have used its own content type OID for AuthenticatedSafe */
559 dissector_handle=create_dissector_handle(dissect_AuthenticatedSafe_OCTETSTRING_PDU, proto_pkcs12);
560 dissector_change_string("ber.oid", "1.2.840.113549.1.7.1", dissector_handle);
562 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
563 PFX_sequence, hf_index, ett_pkcs12_PFX);
566 /* restore the original dissector */
567 dissector_reset_string("ber.oid", "1.2.840.113549.1.7.1");
575 static const ber_sequence_t AuthenticatedSafe_sequence_of[1] = {
576 { &hf_pkcs12_AuthenticatedSafe_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_cms_ContentInfo },
580 dissect_pkcs12_AuthenticatedSafe(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
581 #line 73 "../../asn1/pkcs12/pkcs12.cnf"
582 dissector_handle_t dissector_handle;
584 /* we change the CMS id-data dissector to dissect as SafeContents */
585 dissector_handle=create_dissector_handle(dissect_SafeContents_OCTETSTRING_PDU, proto_pkcs12);
586 dissector_change_string("ber.oid", "1.2.840.113549.1.7.1", dissector_handle);
588 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
589 AuthenticatedSafe_sequence_of, hf_index, ett_pkcs12_AuthenticatedSafe);
592 /* restore the original dissector */
593 dissector_reset_string("ber.oid", "1.2.840.113549.1.7.1");
603 dissect_pkcs12_T_bagId(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
604 offset = dissect_ber_object_identifier_str(implicit_tag, actx, tree, tvb, offset, hf_index, &object_identifier_id);
606 #line 86 "../../asn1/pkcs12/pkcs12.cnf"
607 append_oid(tree, object_identifier_id);
615 dissect_pkcs12_T_bagValue(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
616 #line 110 "../../asn1/pkcs12/pkcs12.cnf"
617 if(object_identifier_id)
618 offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree);
628 dissect_pkcs12_T_attrId(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
629 offset = dissect_ber_object_identifier_str(implicit_tag, actx, tree, tvb, offset, hf_index, &object_identifier_id);
631 #line 106 "../../asn1/pkcs12/pkcs12.cnf"
632 append_oid(tree, object_identifier_id);
640 dissect_pkcs12_T_attrValues_item(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
641 #line 114 "../../asn1/pkcs12/pkcs12.cnf"
642 if(object_identifier_id)
643 offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree);
651 static const ber_sequence_t T_attrValues_set_of[1] = {
652 { &hf_pkcs12_attrValues_item, BER_CLASS_ANY, 0, BER_FLAGS_NOOWNTAG, dissect_pkcs12_T_attrValues_item },
656 dissect_pkcs12_T_attrValues(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
657 offset = dissect_ber_set_of(implicit_tag, actx, tree, tvb, offset,
658 T_attrValues_set_of, hf_index, ett_pkcs12_T_attrValues);
664 static const ber_sequence_t PKCS12Attribute_sequence[] = {
665 { &hf_pkcs12_attrId , BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_pkcs12_T_attrId },
666 { &hf_pkcs12_attrValues , BER_CLASS_UNI, BER_UNI_TAG_SET, BER_FLAGS_NOOWNTAG, dissect_pkcs12_T_attrValues },
667 { NULL, 0, 0, 0, NULL }
671 dissect_pkcs12_PKCS12Attribute(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
672 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
673 PKCS12Attribute_sequence, hf_index, ett_pkcs12_PKCS12Attribute);
679 static const ber_sequence_t SET_OF_PKCS12Attribute_set_of[1] = {
680 { &hf_pkcs12_bagAttributes_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_pkcs12_PKCS12Attribute },
684 dissect_pkcs12_SET_OF_PKCS12Attribute(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
685 offset = dissect_ber_set_of(implicit_tag, actx, tree, tvb, offset,
686 SET_OF_PKCS12Attribute_set_of, hf_index, ett_pkcs12_SET_OF_PKCS12Attribute);
692 static const ber_sequence_t SafeBag_sequence[] = {
693 { &hf_pkcs12_bagId , BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_pkcs12_T_bagId },
694 { &hf_pkcs12_bagValue , BER_CLASS_CON, 0, 0, dissect_pkcs12_T_bagValue },
695 { &hf_pkcs12_bagAttributes, BER_CLASS_UNI, BER_UNI_TAG_SET, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_pkcs12_SET_OF_PKCS12Attribute },
696 { NULL, 0, 0, 0, NULL }
700 dissect_pkcs12_SafeBag(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
701 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
702 SafeBag_sequence, hf_index, ett_pkcs12_SafeBag);
708 static const ber_sequence_t SafeContents_sequence_of[1] = {
709 { &hf_pkcs12_SafeContents_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_pkcs12_SafeBag },
713 dissect_pkcs12_SafeContents(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
714 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
715 SafeContents_sequence_of, hf_index, ett_pkcs12_SafeContents);
721 static const value_string pkcs12_Version_vals[] = {
728 dissect_pkcs12_Version(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
729 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
738 dissect_pkcs12_PrivateKey(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
739 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
746 static const ber_sequence_t Attributes_set_of[1] = {
747 { &hf_pkcs12_Attributes_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509if_Attribute },
751 dissect_pkcs12_Attributes(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
752 offset = dissect_ber_set_of(implicit_tag, actx, tree, tvb, offset,
753 Attributes_set_of, hf_index, ett_pkcs12_Attributes);
759 static const ber_sequence_t PrivateKeyInfo_sequence[] = {
760 { &hf_pkcs12_privateKeyVersion, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_pkcs12_Version },
761 { &hf_pkcs12_privateKeyAlgorithm, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
762 { &hf_pkcs12_privateKey , BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_pkcs12_PrivateKey },
763 { &hf_pkcs12_attributes , BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL|BER_FLAGS_IMPLTAG, dissect_pkcs12_Attributes },
764 { NULL, 0, 0, 0, NULL }
768 dissect_pkcs12_PrivateKeyInfo(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
769 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
770 PrivateKeyInfo_sequence, hf_index, ett_pkcs12_PrivateKeyInfo);
778 dissect_pkcs12_KeyBag(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
779 offset = dissect_pkcs12_PrivateKeyInfo(implicit_tag, tvb, offset, actx, tree, hf_index);
787 dissect_pkcs12_EncryptedData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
788 #line 141 "../../asn1/pkcs12/pkcs12.cnf"
789 tvbuff_t *encrypted_tvb;
790 dissector_handle_t dissector_handle;
793 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
796 #line 147 "../../asn1/pkcs12/pkcs12.cnf"
800 dissector_handle=create_dissector_handle(dissect_PrivateKeyInfo_PDU, proto_pkcs12);
801 dissector_change_string("ber.oid", object_identifier_id, dissector_handle);
803 PBE_decrypt_data(object_identifier_id, encrypted_tvb, actx, actx->created_item);
805 /* restore the original dissector */
806 dissector_reset_string("ber.oid", object_identifier_id);
813 static const ber_sequence_t EncryptedPrivateKeyInfo_sequence[] = {
814 { &hf_pkcs12_encryptionAlgorithm, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
815 { &hf_pkcs12_encryptedData, BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_pkcs12_EncryptedData },
816 { NULL, 0, 0, 0, NULL }
820 dissect_pkcs12_EncryptedPrivateKeyInfo(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
821 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
822 EncryptedPrivateKeyInfo_sequence, hf_index, ett_pkcs12_EncryptedPrivateKeyInfo);
830 dissect_pkcs12_PKCS8ShroudedKeyBag(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
831 offset = dissect_pkcs12_EncryptedPrivateKeyInfo(implicit_tag, tvb, offset, actx, tree, hf_index);
839 dissect_pkcs12_T_certId(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
840 offset = dissect_ber_object_identifier_str(implicit_tag, actx, tree, tvb, offset, hf_index, &object_identifier_id);
842 #line 91 "../../asn1/pkcs12/pkcs12.cnf"
843 append_oid(tree, object_identifier_id);
851 dissect_pkcs12_T_certValue(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
852 #line 118 "../../asn1/pkcs12/pkcs12.cnf"
853 if(object_identifier_id)
854 offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree);
862 static const ber_sequence_t CertBag_sequence[] = {
863 { &hf_pkcs12_certId , BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_pkcs12_T_certId },
864 { &hf_pkcs12_certValue , BER_CLASS_CON, 0, 0, dissect_pkcs12_T_certValue },
865 { NULL, 0, 0, 0, NULL }
869 dissect_pkcs12_CertBag(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
870 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
871 CertBag_sequence, hf_index, ett_pkcs12_CertBag);
879 dissect_pkcs12_T_crlId(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
880 offset = dissect_ber_object_identifier_str(implicit_tag, actx, tree, tvb, offset, hf_index, &object_identifier_id);
882 #line 96 "../../asn1/pkcs12/pkcs12.cnf"
883 append_oid(tree, object_identifier_id);
891 dissect_pkcs12_T_crlValue(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
892 #line 122 "../../asn1/pkcs12/pkcs12.cnf"
893 if(object_identifier_id)
894 offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree);
902 static const ber_sequence_t CRLBag_sequence[] = {
903 { &hf_pkcs12_crlId , BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_pkcs12_T_crlId },
904 { &hf_pkcs12_crlValue , BER_CLASS_CON, 0, 0, dissect_pkcs12_T_crlValue },
905 { NULL, 0, 0, 0, NULL }
909 dissect_pkcs12_CRLBag(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
910 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
911 CRLBag_sequence, hf_index, ett_pkcs12_CRLBag);
919 dissect_pkcs12_T_secretTypeId(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
920 offset = dissect_ber_object_identifier_str(implicit_tag, actx, tree, tvb, offset, hf_index, &object_identifier_id);
922 #line 101 "../../asn1/pkcs12/pkcs12.cnf"
923 append_oid(tree, object_identifier_id);
931 dissect_pkcs12_T_secretValue(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
932 #line 126 "../../asn1/pkcs12/pkcs12.cnf"
933 if(object_identifier_id)
934 offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree);
942 static const ber_sequence_t SecretBag_sequence[] = {
943 { &hf_pkcs12_secretTypeId , BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_pkcs12_T_secretTypeId },
944 { &hf_pkcs12_secretValue , BER_CLASS_CON, 0, 0, dissect_pkcs12_T_secretValue },
945 { NULL, 0, 0, 0, NULL }
949 dissect_pkcs12_SecretBag(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
950 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
951 SecretBag_sequence, hf_index, ett_pkcs12_SecretBag);
957 static const ber_sequence_t PBEParameter_sequence[] = {
958 { &hf_pkcs12_salt , BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_pkcs12_OCTET_STRING },
959 { &hf_pkcs12_iterationCount, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_pkcs12_INTEGER },
960 { NULL, 0, 0, 0, NULL }
964 dissect_pkcs12_PBEParameter(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
965 #line 130 "../../asn1/pkcs12/pkcs12.cnf"
966 /* initialise the encryption parameters */
967 PBE_reset_parameters();
970 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
971 PBEParameter_sequence, hf_index, ett_pkcs12_PBEParameter);
977 static const value_string pkcs12_T_saltChoice_vals[] = {
979 { 1, "otherSource" },
983 static const ber_choice_t T_saltChoice_choice[] = {
984 { 0, &hf_pkcs12_specified , BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_pkcs12_OCTET_STRING },
985 { 1, &hf_pkcs12_otherSource , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
986 { 0, NULL, 0, 0, 0, NULL }
990 dissect_pkcs12_T_saltChoice(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
991 offset = dissect_ber_choice(actx, tree, tvb, offset,
992 T_saltChoice_choice, hf_index, ett_pkcs12_T_saltChoice,
1001 dissect_pkcs12_INTEGER_1_MAX(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1002 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
1009 static const ber_sequence_t PBKDF2Params_sequence[] = {
1010 { &hf_pkcs12_saltChoice , BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_pkcs12_T_saltChoice },
1011 { &hf_pkcs12_iterationCount, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_pkcs12_INTEGER },
1012 { &hf_pkcs12_keyLength , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_pkcs12_INTEGER_1_MAX },
1013 { &hf_pkcs12_prf , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
1014 { NULL, 0, 0, 0, NULL }
1018 dissect_pkcs12_PBKDF2Params(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1019 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
1020 PBKDF2Params_sequence, hf_index, ett_pkcs12_PBKDF2Params);
1026 static const ber_sequence_t PBES2Params_sequence[] = {
1027 { &hf_pkcs12_keyDerivationFunc, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
1028 { &hf_pkcs12_encryptionScheme, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
1029 { NULL, 0, 0, 0, NULL }
1033 dissect_pkcs12_PBES2Params(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1034 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
1035 PBES2Params_sequence, hf_index, ett_pkcs12_PBES2Params);
1041 static const ber_sequence_t PBMAC1Params_sequence[] = {
1042 { &hf_pkcs12_keyDerivationFunc, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
1043 { &hf_pkcs12_messageAuthScheme, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_x509af_AlgorithmIdentifier },
1044 { NULL, 0, 0, 0, NULL }
1048 dissect_pkcs12_PBMAC1Params(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1049 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
1050 PBMAC1Params_sequence, hf_index, ett_pkcs12_PBMAC1Params);
1057 static void dissect_PFX_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) {
1058 asn1_ctx_t asn1_ctx;
1059 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
1060 dissect_pkcs12_PFX(FALSE, tvb, 0, &asn1_ctx, tree, hf_pkcs12_PFX_PDU);
1062 static void dissect_AuthenticatedSafe_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) {
1063 asn1_ctx_t asn1_ctx;
1064 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
1065 dissect_pkcs12_AuthenticatedSafe(FALSE, tvb, 0, &asn1_ctx, tree, hf_pkcs12_AuthenticatedSafe_PDU);
1067 static void dissect_SafeContents_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) {
1068 asn1_ctx_t asn1_ctx;
1069 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
1070 dissect_pkcs12_SafeContents(FALSE, tvb, 0, &asn1_ctx, tree, hf_pkcs12_SafeContents_PDU);
1072 static void dissect_KeyBag_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) {
1073 asn1_ctx_t asn1_ctx;
1074 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
1075 dissect_pkcs12_KeyBag(FALSE, tvb, 0, &asn1_ctx, tree, hf_pkcs12_KeyBag_PDU);
1077 static void dissect_PKCS8ShroudedKeyBag_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) {
1078 asn1_ctx_t asn1_ctx;
1079 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
1080 dissect_pkcs12_PKCS8ShroudedKeyBag(FALSE, tvb, 0, &asn1_ctx, tree, hf_pkcs12_PKCS8ShroudedKeyBag_PDU);
1082 static void dissect_CertBag_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) {
1083 asn1_ctx_t asn1_ctx;
1084 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
1085 dissect_pkcs12_CertBag(FALSE, tvb, 0, &asn1_ctx, tree, hf_pkcs12_CertBag_PDU);
1087 static void dissect_CRLBag_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) {
1088 asn1_ctx_t asn1_ctx;
1089 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
1090 dissect_pkcs12_CRLBag(FALSE, tvb, 0, &asn1_ctx, tree, hf_pkcs12_CRLBag_PDU);
1092 static void dissect_SecretBag_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) {
1093 asn1_ctx_t asn1_ctx;
1094 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
1095 dissect_pkcs12_SecretBag(FALSE, tvb, 0, &asn1_ctx, tree, hf_pkcs12_SecretBag_PDU);
1097 static void dissect_PrivateKeyInfo_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) {
1098 asn1_ctx_t asn1_ctx;
1099 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
1100 dissect_pkcs12_PrivateKeyInfo(FALSE, tvb, 0, &asn1_ctx, tree, hf_pkcs12_PrivateKeyInfo_PDU);
1102 static void dissect_EncryptedPrivateKeyInfo_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) {
1103 asn1_ctx_t asn1_ctx;
1104 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
1105 dissect_pkcs12_EncryptedPrivateKeyInfo(FALSE, tvb, 0, &asn1_ctx, tree, hf_pkcs12_EncryptedPrivateKeyInfo_PDU);
1107 static void dissect_PBEParameter_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) {
1108 asn1_ctx_t asn1_ctx;
1109 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
1110 dissect_pkcs12_PBEParameter(FALSE, tvb, 0, &asn1_ctx, tree, hf_pkcs12_PBEParameter_PDU);
1112 static void dissect_PBKDF2Params_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) {
1113 asn1_ctx_t asn1_ctx;
1114 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
1115 dissect_pkcs12_PBKDF2Params(FALSE, tvb, 0, &asn1_ctx, tree, hf_pkcs12_PBKDF2Params_PDU);
1117 static void dissect_PBES2Params_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) {
1118 asn1_ctx_t asn1_ctx;
1119 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
1120 dissect_pkcs12_PBES2Params(FALSE, tvb, 0, &asn1_ctx, tree, hf_pkcs12_PBES2Params_PDU);
1122 static void dissect_PBMAC1Params_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) {
1123 asn1_ctx_t asn1_ctx;
1124 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
1125 dissect_pkcs12_PBMAC1Params(FALSE, tvb, 0, &asn1_ctx, tree, hf_pkcs12_PBMAC1Params_PDU);
1129 /*--- End of included file: packet-pkcs12-fn.c ---*/
1130 #line 384 "../../asn1/pkcs12/packet-pkcs12-template.c"
1132 static int strip_octet_string(tvbuff_t *tvb)
1140 /* PKCS#7 encodes the content as OCTET STRING, whereas CMS is just any ANY */
1141 /* if we use CMS (rather than PKCS#7) - which we are - we need to strip the OCTET STRING tag */
1142 /* before proceeding */
1144 offset = get_ber_identifier(tvb, 0, &ber_class, &pc, &tag);
1145 offset = get_ber_length(tvb, offset, &len, &ind);
1147 if((ber_class == BER_CLASS_UNI) && (tag == BER_UNI_TAG_OCTETSTRING))
1154 static void dissect_AuthenticatedSafe_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
1156 asn1_ctx_t asn1_ctx;
1157 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
1159 if((offset = strip_octet_string(tvb)) > 0)
1160 dissect_pkcs12_AuthenticatedSafe(FALSE, tvb, offset, &asn1_ctx, tree, hf_pkcs12_AuthenticatedSafe_PDU);
1162 proto_tree_add_text(tree, tvb, 0, 1, "BER Error: OCTET STRING expected");
1165 static void dissect_SafeContents_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
1168 asn1_ctx_t asn1_ctx;
1169 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
1171 offset = strip_octet_string(tvb);
1173 dissect_pkcs12_SafeContents(FALSE, tvb, offset, &asn1_ctx, tree, hf_pkcs12_SafeContents_PDU);
1176 static void dissect_X509Certificate_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
1179 asn1_ctx_t asn1_ctx;
1180 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
1182 if((offset = strip_octet_string(tvb)) > 0)
1183 dissect_x509af_Certificate(FALSE, tvb, offset, &asn1_ctx, tree, hf_pkcs12_X509Certificate_PDU);
1185 proto_tree_add_text(tree, tvb, 0, 1, "BER Error: OCTET STRING expected");
1188 /*--- proto_register_pkcs12 ----------------------------------------------*/
1189 void proto_register_pkcs12(void) {
1191 /* List of fields */
1192 static hf_register_info hf[] = {
1193 { &hf_pkcs12_X509Certificate_PDU,
1194 { "X509Certificate", "pkcs12.X509Certificate",
1195 FT_NONE, BASE_NONE, NULL, 0,
1196 "pkcs12.X509Certificate", HFILL }},
1198 /*--- Included file: packet-pkcs12-hfarr.c ---*/
1199 #line 1 "../../asn1/pkcs12/packet-pkcs12-hfarr.c"
1200 { &hf_pkcs12_PFX_PDU,
1201 { "PFX", "pkcs12.PFX_element",
1202 FT_NONE, BASE_NONE, NULL, 0,
1204 { &hf_pkcs12_AuthenticatedSafe_PDU,
1205 { "AuthenticatedSafe", "pkcs12.AuthenticatedSafe",
1206 FT_UINT32, BASE_DEC, NULL, 0,
1208 { &hf_pkcs12_SafeContents_PDU,
1209 { "SafeContents", "pkcs12.SafeContents",
1210 FT_UINT32, BASE_DEC, NULL, 0,
1212 { &hf_pkcs12_KeyBag_PDU,
1213 { "KeyBag", "pkcs12.KeyBag_element",
1214 FT_NONE, BASE_NONE, NULL, 0,
1216 { &hf_pkcs12_PKCS8ShroudedKeyBag_PDU,
1217 { "PKCS8ShroudedKeyBag", "pkcs12.PKCS8ShroudedKeyBag_element",
1218 FT_NONE, BASE_NONE, NULL, 0,
1220 { &hf_pkcs12_CertBag_PDU,
1221 { "CertBag", "pkcs12.CertBag_element",
1222 FT_NONE, BASE_NONE, NULL, 0,
1224 { &hf_pkcs12_CRLBag_PDU,
1225 { "CRLBag", "pkcs12.CRLBag_element",
1226 FT_NONE, BASE_NONE, NULL, 0,
1228 { &hf_pkcs12_SecretBag_PDU,
1229 { "SecretBag", "pkcs12.SecretBag_element",
1230 FT_NONE, BASE_NONE, NULL, 0,
1232 { &hf_pkcs12_PrivateKeyInfo_PDU,
1233 { "PrivateKeyInfo", "pkcs12.PrivateKeyInfo_element",
1234 FT_NONE, BASE_NONE, NULL, 0,
1236 { &hf_pkcs12_EncryptedPrivateKeyInfo_PDU,
1237 { "EncryptedPrivateKeyInfo", "pkcs12.EncryptedPrivateKeyInfo_element",
1238 FT_NONE, BASE_NONE, NULL, 0,
1240 { &hf_pkcs12_PBEParameter_PDU,
1241 { "PBEParameter", "pkcs12.PBEParameter_element",
1242 FT_NONE, BASE_NONE, NULL, 0,
1244 { &hf_pkcs12_PBKDF2Params_PDU,
1245 { "PBKDF2Params", "pkcs12.PBKDF2Params_element",
1246 FT_NONE, BASE_NONE, NULL, 0,
1248 { &hf_pkcs12_PBES2Params_PDU,
1249 { "PBES2Params", "pkcs12.PBES2Params_element",
1250 FT_NONE, BASE_NONE, NULL, 0,
1252 { &hf_pkcs12_PBMAC1Params_PDU,
1253 { "PBMAC1Params", "pkcs12.PBMAC1Params_element",
1254 FT_NONE, BASE_NONE, NULL, 0,
1256 { &hf_pkcs12_version,
1257 { "version", "pkcs12.version",
1258 FT_UINT32, BASE_DEC, VALS(pkcs12_T_version_vals), 0,
1260 { &hf_pkcs12_authSafe,
1261 { "authSafe", "pkcs12.authSafe_element",
1262 FT_NONE, BASE_NONE, NULL, 0,
1263 "ContentInfo", HFILL }},
1264 { &hf_pkcs12_macData,
1265 { "macData", "pkcs12.macData_element",
1266 FT_NONE, BASE_NONE, NULL, 0,
1269 { "mac", "pkcs12.mac_element",
1270 FT_NONE, BASE_NONE, NULL, 0,
1271 "DigestInfo", HFILL }},
1272 { &hf_pkcs12_macSalt,
1273 { "macSalt", "pkcs12.macSalt",
1274 FT_BYTES, BASE_NONE, NULL, 0,
1275 "OCTET_STRING", HFILL }},
1276 { &hf_pkcs12_iterations,
1277 { "iterations", "pkcs12.iterations",
1278 FT_INT32, BASE_DEC, NULL, 0,
1279 "INTEGER", HFILL }},
1280 { &hf_pkcs12_digestAlgorithm,
1281 { "digestAlgorithm", "pkcs12.digestAlgorithm_element",
1282 FT_NONE, BASE_NONE, NULL, 0,
1283 "DigestAlgorithmIdentifier", HFILL }},
1284 { &hf_pkcs12_digest,
1285 { "digest", "pkcs12.digest",
1286 FT_BYTES, BASE_NONE, NULL, 0,
1288 { &hf_pkcs12_AuthenticatedSafe_item,
1289 { "ContentInfo", "pkcs12.ContentInfo_element",
1290 FT_NONE, BASE_NONE, NULL, 0,
1292 { &hf_pkcs12_SafeContents_item,
1293 { "SafeBag", "pkcs12.SafeBag_element",
1294 FT_NONE, BASE_NONE, NULL, 0,
1297 { "bagId", "pkcs12.bagId",
1298 FT_OID, BASE_NONE, NULL, 0,
1300 { &hf_pkcs12_bagValue,
1301 { "bagValue", "pkcs12.bagValue_element",
1302 FT_NONE, BASE_NONE, NULL, 0,
1304 { &hf_pkcs12_bagAttributes,
1305 { "bagAttributes", "pkcs12.bagAttributes",
1306 FT_UINT32, BASE_DEC, NULL, 0,
1307 "SET_OF_PKCS12Attribute", HFILL }},
1308 { &hf_pkcs12_bagAttributes_item,
1309 { "PKCS12Attribute", "pkcs12.PKCS12Attribute_element",
1310 FT_NONE, BASE_NONE, NULL, 0,
1312 { &hf_pkcs12_certId,
1313 { "certId", "pkcs12.certId",
1314 FT_OID, BASE_NONE, NULL, 0,
1316 { &hf_pkcs12_certValue,
1317 { "certValue", "pkcs12.certValue_element",
1318 FT_NONE, BASE_NONE, NULL, 0,
1321 { "crlId", "pkcs12.crlId",
1322 FT_OID, BASE_NONE, NULL, 0,
1324 { &hf_pkcs12_crlValue,
1325 { "crlValue", "pkcs12.crlValue_element",
1326 FT_NONE, BASE_NONE, NULL, 0,
1328 { &hf_pkcs12_secretTypeId,
1329 { "secretTypeId", "pkcs12.secretTypeId",
1330 FT_OID, BASE_NONE, NULL, 0,
1332 { &hf_pkcs12_secretValue,
1333 { "secretValue", "pkcs12.secretValue_element",
1334 FT_NONE, BASE_NONE, NULL, 0,
1336 { &hf_pkcs12_attrId,
1337 { "attrId", "pkcs12.attrId",
1338 FT_OID, BASE_NONE, NULL, 0,
1340 { &hf_pkcs12_attrValues,
1341 { "attrValues", "pkcs12.attrValues",
1342 FT_UINT32, BASE_DEC, NULL, 0,
1344 { &hf_pkcs12_attrValues_item,
1345 { "attrValues item", "pkcs12.attrValues_item_element",
1346 FT_NONE, BASE_NONE, NULL, 0,
1348 { &hf_pkcs12_privateKeyVersion,
1349 { "version", "pkcs12.version",
1350 FT_UINT32, BASE_DEC, VALS(pkcs12_Version_vals), 0,
1352 { &hf_pkcs12_privateKeyAlgorithm,
1353 { "privateKeyAlgorithm", "pkcs12.privateKeyAlgorithm_element",
1354 FT_NONE, BASE_NONE, NULL, 0,
1355 "AlgorithmIdentifier", HFILL }},
1356 { &hf_pkcs12_privateKey,
1357 { "privateKey", "pkcs12.privateKey",
1358 FT_BYTES, BASE_NONE, NULL, 0,
1360 { &hf_pkcs12_attributes,
1361 { "attributes", "pkcs12.attributes",
1362 FT_UINT32, BASE_DEC, NULL, 0,
1364 { &hf_pkcs12_Attributes_item,
1365 { "Attribute", "pkcs12.Attribute_element",
1366 FT_NONE, BASE_NONE, NULL, 0,
1368 { &hf_pkcs12_encryptionAlgorithm,
1369 { "encryptionAlgorithm", "pkcs12.encryptionAlgorithm_element",
1370 FT_NONE, BASE_NONE, NULL, 0,
1371 "AlgorithmIdentifier", HFILL }},
1372 { &hf_pkcs12_encryptedData,
1373 { "encryptedData", "pkcs12.encryptedData",
1374 FT_BYTES, BASE_NONE, NULL, 0,
1377 { "salt", "pkcs12.salt",
1378 FT_BYTES, BASE_NONE, NULL, 0,
1379 "OCTET_STRING", HFILL }},
1380 { &hf_pkcs12_iterationCount,
1381 { "iterationCount", "pkcs12.iterationCount",
1382 FT_INT32, BASE_DEC, NULL, 0,
1383 "INTEGER", HFILL }},
1384 { &hf_pkcs12_saltChoice,
1385 { "salt", "pkcs12.salt",
1386 FT_UINT32, BASE_DEC, VALS(pkcs12_T_saltChoice_vals), 0,
1387 "T_saltChoice", HFILL }},
1388 { &hf_pkcs12_specified,
1389 { "specified", "pkcs12.specified",
1390 FT_BYTES, BASE_NONE, NULL, 0,
1391 "OCTET_STRING", HFILL }},
1392 { &hf_pkcs12_otherSource,
1393 { "otherSource", "pkcs12.otherSource_element",
1394 FT_NONE, BASE_NONE, NULL, 0,
1395 "AlgorithmIdentifier", HFILL }},
1396 { &hf_pkcs12_keyLength,
1397 { "keyLength", "pkcs12.keyLength",
1398 FT_UINT32, BASE_DEC, NULL, 0,
1399 "INTEGER_1_MAX", HFILL }},
1401 { "prf", "pkcs12.prf_element",
1402 FT_NONE, BASE_NONE, NULL, 0,
1403 "AlgorithmIdentifier", HFILL }},
1404 { &hf_pkcs12_keyDerivationFunc,
1405 { "keyDerivationFunc", "pkcs12.keyDerivationFunc_element",
1406 FT_NONE, BASE_NONE, NULL, 0,
1407 "AlgorithmIdentifier", HFILL }},
1408 { &hf_pkcs12_encryptionScheme,
1409 { "encryptionScheme", "pkcs12.encryptionScheme_element",
1410 FT_NONE, BASE_NONE, NULL, 0,
1411 "AlgorithmIdentifier", HFILL }},
1412 { &hf_pkcs12_messageAuthScheme,
1413 { "messageAuthScheme", "pkcs12.messageAuthScheme_element",
1414 FT_NONE, BASE_NONE, NULL, 0,
1415 "AlgorithmIdentifier", HFILL }},
1417 /*--- End of included file: packet-pkcs12-hfarr.c ---*/
1418 #line 451 "../../asn1/pkcs12/packet-pkcs12-template.c"
1421 /* List of subtrees */
1422 static gint *ett[] = {
1425 /*--- Included file: packet-pkcs12-ettarr.c ---*/
1426 #line 1 "../../asn1/pkcs12/packet-pkcs12-ettarr.c"
1428 &ett_pkcs12_MacData,
1429 &ett_pkcs12_DigestInfo,
1430 &ett_pkcs12_AuthenticatedSafe,
1431 &ett_pkcs12_SafeContents,
1432 &ett_pkcs12_SafeBag,
1433 &ett_pkcs12_SET_OF_PKCS12Attribute,
1434 &ett_pkcs12_CertBag,
1436 &ett_pkcs12_SecretBag,
1437 &ett_pkcs12_PKCS12Attribute,
1438 &ett_pkcs12_T_attrValues,
1439 &ett_pkcs12_PrivateKeyInfo,
1440 &ett_pkcs12_Attributes,
1441 &ett_pkcs12_EncryptedPrivateKeyInfo,
1442 &ett_pkcs12_PBEParameter,
1443 &ett_pkcs12_PBKDF2Params,
1444 &ett_pkcs12_T_saltChoice,
1445 &ett_pkcs12_PBES2Params,
1446 &ett_pkcs12_PBMAC1Params,
1448 /*--- End of included file: packet-pkcs12-ettarr.c ---*/
1449 #line 457 "../../asn1/pkcs12/packet-pkcs12-template.c"
1451 module_t *pkcs12_module;
1453 /* Register protocol */
1454 proto_pkcs12 = proto_register_protocol(PNAME, PSNAME, PFNAME);
1456 /* Register fields and subtrees */
1457 proto_register_field_array(proto_pkcs12, hf, array_length(hf));
1458 proto_register_subtree_array(ett, array_length(ett));
1460 /* Register preferences */
1461 pkcs12_module = prefs_register_protocol(proto_pkcs12, NULL);
1463 prefs_register_string_preference(pkcs12_module, "password",
1464 "Password to decrypt the file with",
1465 "The password to used to decrypt the encrypted elements within"
1466 " the PKCS#12 file", &password);
1468 prefs_register_bool_preference(pkcs12_module, "try_null_password",
1469 "Try to decrypt with a empty password",
1470 "Whether to try and decrypt the encrypted data within the"
1471 " PKCS#12 with a NULL password", &try_null_password);
1473 register_ber_syntax_dissector("PKCS#12", proto_pkcs12, dissect_PFX_PDU);
1474 register_ber_oid_syntax(".p12", NULL, "PKCS#12");
1475 register_ber_oid_syntax(".pfx", NULL, "PKCS#12");
1479 /*--- proto_reg_handoff_pkcs12 -------------------------------------------*/
1480 void proto_reg_handoff_pkcs12(void) {
1482 /*--- Included file: packet-pkcs12-dis-tab.c ---*/
1483 #line 1 "../../asn1/pkcs12/packet-pkcs12-dis-tab.c"
1484 register_ber_oid_dissector("1.2.840.113549.1.12.10.1.1", dissect_KeyBag_PDU, proto_pkcs12, "keyBag");
1485 register_ber_oid_dissector("1.2.840.113549.1.12.10.1.2", dissect_PKCS8ShroudedKeyBag_PDU, proto_pkcs12, "pkcs8ShroudedKeyBag");
1486 register_ber_oid_dissector("1.2.840.113549.1.12.10.1.3", dissect_CertBag_PDU, proto_pkcs12, "certBag");
1487 register_ber_oid_dissector("1.2.840.113549.1.12.10.1.4", dissect_SecretBag_PDU, proto_pkcs12, "secretBag");
1488 register_ber_oid_dissector("1.2.840.113549.1.12.10.1.5", dissect_CRLBag_PDU, proto_pkcs12, "crlBag");
1489 register_ber_oid_dissector("1.2.840.113549.1.12.10.1.6", dissect_SafeContents_PDU, proto_pkcs12, "safeContentsBag");
1490 register_ber_oid_dissector("2.16.840.1.113730.3.1.216", dissect_PFX_PDU, proto_pkcs12, "pkcs-9-at-PKCS12");
1491 register_ber_oid_dissector("1.2.840.113549.1.9.25.2", dissect_EncryptedPrivateKeyInfo_PDU, proto_pkcs12, "pkcs-9-at-encryptedPrivateKeyInfo");
1492 register_ber_oid_dissector("1.2.840.113549.1.12.1.1", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHAAnd128BitRC4");
1493 register_ber_oid_dissector("1.2.840.113549.1.12.1.2", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHAAnd40BitRC4");
1494 register_ber_oid_dissector("1.2.840.113549.1.12.1.3", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHAAnd3-KeyTripleDES-CBC");
1495 register_ber_oid_dissector("1.2.840.113549.1.12.1.4", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHAAnd2-KeyTripleDES-CBC");
1496 register_ber_oid_dissector("1.2.840.113549.1.12.1.5", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHAAnd128BitRC2-CBC");
1497 register_ber_oid_dissector("1.2.840.113549.1.12.1.6", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHAAnd128BitRC2-CBC");
1498 register_ber_oid_dissector("1.2.840.113549.1.5.1", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithMD2AndDES-CBC");
1499 register_ber_oid_dissector("1.2.840.113549.1.5.3", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithMD5AndDES-CBC");
1500 register_ber_oid_dissector("1.2.840.113549.1.5.4", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithMD2AndRC2-CBC");
1501 register_ber_oid_dissector("1.2.840.113549.1.5.6", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithMD5AndRC2-CBC");
1502 register_ber_oid_dissector("1.2.840.113549.1.5.10", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHA1AndDES-CBC");
1503 register_ber_oid_dissector("1.2.840.113549.1.5.11", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHA1AndRC2-CBC");
1504 register_ber_oid_dissector("1.2.840.113549.1.5.12", dissect_PBKDF2Params_PDU, proto_pkcs12, "id-PBKDF2");
1505 register_ber_oid_dissector("1.2.840.113549.1.5.13", dissect_PBES2Params_PDU, proto_pkcs12, "id-PBES2");
1506 register_ber_oid_dissector("1.2.840.113549.1.5.14", dissect_PBMAC1Params_PDU, proto_pkcs12, "id-PBMAC1");
1509 /*--- End of included file: packet-pkcs12-dis-tab.c ---*/
1510 #line 489 "../../asn1/pkcs12/packet-pkcs12-template.c"
1512 register_ber_oid_dissector("1.2.840.113549.1.9.22.1", dissect_X509Certificate_OCTETSTRING_PDU, proto_pkcs12, "x509Certificate");