1 /* Do not modify this file. */
2 /* It is created automatically by the ASN.1 to Wireshark dissector compiler */
4 /* ../../tools/asn2wrs.py -b -p pkinit -c ./pkinit.cnf -s ./packet-pkinit-template -D . PKINIT.asn */
6 /* Input file: packet-pkinit-template.c */
8 #line 1 "packet-pkinit-template.c"
10 * Routines for PKINIT packet dissection
11 * Ronnie Sahlberg 2004
15 * Wireshark - Network traffic analyzer
16 * By Gerald Combs <gerald@wireshark.org>
17 * Copyright 1998 Gerald Combs
19 * This program is free software; you can redistribute it and/or
20 * modify it under the terms of the GNU General Public License
21 * as published by the Free Software Foundation; either version 2
22 * of the License, or (at your option) any later version.
24 * This program is distributed in the hope that it will be useful,
25 * but WITHOUT ANY WARRANTY; without even the implied warranty of
26 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
27 * GNU General Public License for more details.
29 * You should have received a copy of the GNU General Public License
30 * along with this program; if not, write to the Free Software
31 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
39 #include <epan/packet.h>
40 #include <epan/asn1.h>
45 #include "packet-ber.h"
46 #include "packet-pkinit.h"
47 #include "packet-cms.h"
48 #include "packet-pkix1explicit.h"
49 #include "packet-kerberos.h"
51 #define PNAME "PKINIT"
52 #define PSNAME "PKInit"
53 #define PFNAME "pkinit"
55 /* Initialize the protocol and registered fields */
56 static int proto_pkinit = -1;
58 /*--- Included file: packet-pkinit-hf.c ---*/
59 #line 1 "packet-pkinit-hf.c"
60 static int hf_pkinit_AuthPack_PDU = -1; /* AuthPack */
61 static int hf_pkinit_KDCDHKeyInfo_PDU = -1; /* KDCDHKeyInfo */
62 static int hf_pkinit_signedAuthPack = -1; /* ContentInfo */
63 static int hf_pkinit_trustedCertifiers = -1; /* SEQUENCE_OF_TrustedCA */
64 static int hf_pkinit_trustedCertifiers_item = -1; /* TrustedCA */
65 static int hf_pkinit_kdcCert = -1; /* IssuerAndSerialNumber */
66 static int hf_pkinit_caName = -1; /* Name */
67 static int hf_pkinit_issuerAndSerial = -1; /* IssuerAndSerialNumber */
68 static int hf_pkinit_pkAuthenticator = -1; /* PKAuthenticator */
69 static int hf_pkinit_clientPublicValue = -1; /* SubjectPublicKeyInfo */
70 static int hf_pkinit_supportedCMSTypes = -1; /* SEQUENCE_OF_AlgorithmIdentifier */
71 static int hf_pkinit_supportedCMSTypes_item = -1; /* AlgorithmIdentifier */
72 static int hf_pkinit_cusec = -1; /* INTEGER */
73 static int hf_pkinit_ctime = -1; /* KerberosTime */
74 static int hf_pkinit_paNonce = -1; /* INTEGER_0_4294967295 */
75 static int hf_pkinit_paChecksum = -1; /* Checksum */
76 static int hf_pkinit_dhSignedData = -1; /* ContentInfo */
77 static int hf_pkinit_encKeyPack = -1; /* ContentInfo */
78 static int hf_pkinit_subjectPublicKey = -1; /* BIT_STRING */
79 static int hf_pkinit_dhNonce = -1; /* INTEGER */
80 static int hf_pkinit_dhKeyExpiration = -1; /* KerberosTime */
82 /*--- End of included file: packet-pkinit-hf.c ---*/
83 #line 50 "packet-pkinit-template.c"
85 /* Initialize the subtree pointers */
87 /*--- Included file: packet-pkinit-ett.c ---*/
88 #line 1 "packet-pkinit-ett.c"
89 static gint ett_pkinit_PaPkAsReq = -1;
90 static gint ett_pkinit_SEQUENCE_OF_TrustedCA = -1;
91 static gint ett_pkinit_TrustedCA = -1;
92 static gint ett_pkinit_AuthPack = -1;
93 static gint ett_pkinit_SEQUENCE_OF_AlgorithmIdentifier = -1;
94 static gint ett_pkinit_PKAuthenticator = -1;
95 static gint ett_pkinit_PaPkAsRep = -1;
96 static gint ett_pkinit_KDCDHKeyInfo = -1;
98 /*--- End of included file: packet-pkinit-ett.c ---*/
99 #line 53 "packet-pkinit-template.c"
101 static int dissect_KerberosV5Spec2_KerberosTime(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_);
102 static int dissect_KerberosV5Spec2_Checksum(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_);
105 /*--- Included file: packet-pkinit-fn.c ---*/
106 #line 1 "packet-pkinit-fn.c"
108 static const value_string pkinit_TrustedCA_vals[] = {
110 { 2, "issuerAndSerial" },
114 static const ber_choice_t TrustedCA_choice[] = {
115 { 0, &hf_pkinit_caName , BER_CLASS_CON, 0, 0, dissect_pkix1explicit_Name },
116 { 2, &hf_pkinit_issuerAndSerial, BER_CLASS_CON, 2, 0, dissect_cms_IssuerAndSerialNumber },
117 { 0, NULL, 0, 0, 0, NULL }
121 dissect_pkinit_TrustedCA(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
122 offset = dissect_ber_choice(actx, tree, tvb, offset,
123 TrustedCA_choice, hf_index, ett_pkinit_TrustedCA,
130 static const ber_sequence_t SEQUENCE_OF_TrustedCA_sequence_of[1] = {
131 { &hf_pkinit_trustedCertifiers_item, BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_pkinit_TrustedCA },
135 dissect_pkinit_SEQUENCE_OF_TrustedCA(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
136 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
137 SEQUENCE_OF_TrustedCA_sequence_of, hf_index, ett_pkinit_SEQUENCE_OF_TrustedCA);
143 static const ber_sequence_t PaPkAsReq_sequence[] = {
144 { &hf_pkinit_signedAuthPack, BER_CLASS_CON, 0, 0, dissect_cms_ContentInfo },
145 { &hf_pkinit_trustedCertifiers, BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_pkinit_SEQUENCE_OF_TrustedCA },
146 { &hf_pkinit_kdcCert , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_cms_IssuerAndSerialNumber },
147 { NULL, 0, 0, 0, NULL }
151 dissect_pkinit_PaPkAsReq(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
152 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
153 PaPkAsReq_sequence, hf_index, ett_pkinit_PaPkAsReq);
161 dissect_pkinit_INTEGER(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
162 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
171 dissect_pkinit_INTEGER_0_4294967295(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
172 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
179 static const ber_sequence_t PKAuthenticator_sequence[] = {
180 { &hf_pkinit_cusec , BER_CLASS_CON, 0, 0, dissect_pkinit_INTEGER },
181 { &hf_pkinit_ctime , BER_CLASS_CON, 1, 0, dissect_KerberosV5Spec2_KerberosTime },
182 { &hf_pkinit_paNonce , BER_CLASS_CON, 2, 0, dissect_pkinit_INTEGER_0_4294967295 },
183 { &hf_pkinit_paChecksum , BER_CLASS_CON, 3, 0, dissect_KerberosV5Spec2_Checksum },
184 { NULL, 0, 0, 0, NULL }
188 dissect_pkinit_PKAuthenticator(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
189 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
190 PKAuthenticator_sequence, hf_index, ett_pkinit_PKAuthenticator);
196 static const ber_sequence_t SEQUENCE_OF_AlgorithmIdentifier_sequence_of[1] = {
197 { &hf_pkinit_supportedCMSTypes_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_pkix1explicit_AlgorithmIdentifier },
201 dissect_pkinit_SEQUENCE_OF_AlgorithmIdentifier(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
202 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
203 SEQUENCE_OF_AlgorithmIdentifier_sequence_of, hf_index, ett_pkinit_SEQUENCE_OF_AlgorithmIdentifier);
209 static const ber_sequence_t AuthPack_sequence[] = {
210 { &hf_pkinit_pkAuthenticator, BER_CLASS_CON, 0, 0, dissect_pkinit_PKAuthenticator },
211 { &hf_pkinit_clientPublicValue, BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_pkix1explicit_SubjectPublicKeyInfo },
212 { &hf_pkinit_supportedCMSTypes, BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_pkinit_SEQUENCE_OF_AlgorithmIdentifier },
213 { NULL, 0, 0, 0, NULL }
217 dissect_pkinit_AuthPack(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
218 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
219 AuthPack_sequence, hf_index, ett_pkinit_AuthPack);
225 const value_string pkinit_PaPkAsRep_vals[] = {
226 { 0, "dhSignedData" },
231 static const ber_choice_t PaPkAsRep_choice[] = {
232 { 0, &hf_pkinit_dhSignedData , BER_CLASS_CON, 0, 0, dissect_cms_ContentInfo },
233 { 1, &hf_pkinit_encKeyPack , BER_CLASS_CON, 1, 0, dissect_cms_ContentInfo },
234 { 0, NULL, 0, 0, 0, NULL }
238 dissect_pkinit_PaPkAsRep(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
239 offset = dissect_ber_choice(actx, tree, tvb, offset,
240 PaPkAsRep_choice, hf_index, ett_pkinit_PaPkAsRep,
249 dissect_pkinit_BIT_STRING(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
250 offset = dissect_ber_bitstring(implicit_tag, actx, tree, tvb, offset,
258 static const ber_sequence_t KDCDHKeyInfo_sequence[] = {
259 { &hf_pkinit_subjectPublicKey, BER_CLASS_CON, 0, 0, dissect_pkinit_BIT_STRING },
260 { &hf_pkinit_dhNonce , BER_CLASS_CON, 1, 0, dissect_pkinit_INTEGER },
261 { &hf_pkinit_dhKeyExpiration, BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_KerberosV5Spec2_KerberosTime },
262 { NULL, 0, 0, 0, NULL }
266 dissect_pkinit_KDCDHKeyInfo(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
267 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
268 KDCDHKeyInfo_sequence, hf_index, ett_pkinit_KDCDHKeyInfo);
275 static void dissect_AuthPack_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) {
277 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
278 dissect_pkinit_AuthPack(FALSE, tvb, 0, &asn1_ctx, tree, hf_pkinit_AuthPack_PDU);
280 static void dissect_KDCDHKeyInfo_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) {
282 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
283 dissect_pkinit_KDCDHKeyInfo(FALSE, tvb, 0, &asn1_ctx, tree, hf_pkinit_KDCDHKeyInfo_PDU);
287 /*--- End of included file: packet-pkinit-fn.c ---*/
288 #line 58 "packet-pkinit-template.c"
291 dissect_pkinit_PA_PK_AS_REQ(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_) {
292 offset = dissect_pkinit_PaPkAsReq(FALSE, tvb, offset, actx, tree, -1);
297 dissect_pkinit_PA_PK_AS_REP(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_) {
298 offset = dissect_pkinit_PaPkAsRep(FALSE, tvb, offset, actx, tree, -1);
303 dissect_KerberosV5Spec2_KerberosTime(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_) {
304 offset = dissect_krb5_ctime(tree, tvb, offset, actx);
309 dissect_KerberosV5Spec2_Checksum(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_) {
310 offset = dissect_krb5_Checksum(tree, tvb, offset, actx);
315 /*--- proto_register_pkinit ----------------------------------------------*/
316 void proto_register_pkinit(void) {
319 static hf_register_info hf[] = {
321 /*--- Included file: packet-pkinit-hfarr.c ---*/
322 #line 1 "packet-pkinit-hfarr.c"
323 { &hf_pkinit_AuthPack_PDU,
324 { "AuthPack", "pkinit.AuthPack",
325 FT_NONE, BASE_NONE, NULL, 0,
326 "pkinit.AuthPack", HFILL }},
327 { &hf_pkinit_KDCDHKeyInfo_PDU,
328 { "KDCDHKeyInfo", "pkinit.KDCDHKeyInfo",
329 FT_NONE, BASE_NONE, NULL, 0,
330 "pkinit.KDCDHKeyInfo", HFILL }},
331 { &hf_pkinit_signedAuthPack,
332 { "signedAuthPack", "pkinit.signedAuthPack",
333 FT_NONE, BASE_NONE, NULL, 0,
334 "cms.ContentInfo", HFILL }},
335 { &hf_pkinit_trustedCertifiers,
336 { "trustedCertifiers", "pkinit.trustedCertifiers",
337 FT_UINT32, BASE_DEC, NULL, 0,
338 "pkinit.SEQUENCE_OF_TrustedCA", HFILL }},
339 { &hf_pkinit_trustedCertifiers_item,
340 { "TrustedCA", "pkinit.TrustedCA",
341 FT_UINT32, BASE_DEC, VALS(pkinit_TrustedCA_vals), 0,
342 "pkinit.TrustedCA", HFILL }},
343 { &hf_pkinit_kdcCert,
344 { "kdcCert", "pkinit.kdcCert",
345 FT_NONE, BASE_NONE, NULL, 0,
346 "cms.IssuerAndSerialNumber", HFILL }},
348 { "caName", "pkinit.caName",
349 FT_UINT32, BASE_DEC, NULL, 0,
350 "pkix1explicit.Name", HFILL }},
351 { &hf_pkinit_issuerAndSerial,
352 { "issuerAndSerial", "pkinit.issuerAndSerial",
353 FT_NONE, BASE_NONE, NULL, 0,
354 "cms.IssuerAndSerialNumber", HFILL }},
355 { &hf_pkinit_pkAuthenticator,
356 { "pkAuthenticator", "pkinit.pkAuthenticator",
357 FT_NONE, BASE_NONE, NULL, 0,
358 "pkinit.PKAuthenticator", HFILL }},
359 { &hf_pkinit_clientPublicValue,
360 { "clientPublicValue", "pkinit.clientPublicValue",
361 FT_NONE, BASE_NONE, NULL, 0,
362 "pkix1explicit.SubjectPublicKeyInfo", HFILL }},
363 { &hf_pkinit_supportedCMSTypes,
364 { "supportedCMSTypes", "pkinit.supportedCMSTypes",
365 FT_UINT32, BASE_DEC, NULL, 0,
366 "pkinit.SEQUENCE_OF_AlgorithmIdentifier", HFILL }},
367 { &hf_pkinit_supportedCMSTypes_item,
368 { "AlgorithmIdentifier", "pkinit.AlgorithmIdentifier",
369 FT_NONE, BASE_NONE, NULL, 0,
370 "pkix1explicit.AlgorithmIdentifier", HFILL }},
372 { "cusec", "pkinit.cusec",
373 FT_INT32, BASE_DEC, NULL, 0,
374 "pkinit.INTEGER", HFILL }},
376 { "ctime", "pkinit.ctime",
377 FT_NONE, BASE_NONE, NULL, 0,
378 "KerberosV5Spec2.KerberosTime", HFILL }},
379 { &hf_pkinit_paNonce,
380 { "nonce", "pkinit.nonce",
381 FT_UINT32, BASE_DEC, NULL, 0,
382 "pkinit.INTEGER_0_4294967295", HFILL }},
383 { &hf_pkinit_paChecksum,
384 { "paChecksum", "pkinit.paChecksum",
385 FT_NONE, BASE_NONE, NULL, 0,
386 "KerberosV5Spec2.Checksum", HFILL }},
387 { &hf_pkinit_dhSignedData,
388 { "dhSignedData", "pkinit.dhSignedData",
389 FT_NONE, BASE_NONE, NULL, 0,
390 "cms.ContentInfo", HFILL }},
391 { &hf_pkinit_encKeyPack,
392 { "encKeyPack", "pkinit.encKeyPack",
393 FT_NONE, BASE_NONE, NULL, 0,
394 "cms.ContentInfo", HFILL }},
395 { &hf_pkinit_subjectPublicKey,
396 { "subjectPublicKey", "pkinit.subjectPublicKey",
397 FT_BYTES, BASE_HEX, NULL, 0,
398 "pkinit.BIT_STRING", HFILL }},
399 { &hf_pkinit_dhNonce,
400 { "nonce", "pkinit.nonce",
401 FT_INT32, BASE_DEC, NULL, 0,
402 "pkinit.INTEGER", HFILL }},
403 { &hf_pkinit_dhKeyExpiration,
404 { "dhKeyExpiration", "pkinit.dhKeyExpiration",
405 FT_NONE, BASE_NONE, NULL, 0,
406 "KerberosV5Spec2.KerberosTime", HFILL }},
408 /*--- End of included file: packet-pkinit-hfarr.c ---*/
409 #line 90 "packet-pkinit-template.c"
412 /* List of subtrees */
413 static gint *ett[] = {
415 /*--- Included file: packet-pkinit-ettarr.c ---*/
416 #line 1 "packet-pkinit-ettarr.c"
417 &ett_pkinit_PaPkAsReq,
418 &ett_pkinit_SEQUENCE_OF_TrustedCA,
419 &ett_pkinit_TrustedCA,
420 &ett_pkinit_AuthPack,
421 &ett_pkinit_SEQUENCE_OF_AlgorithmIdentifier,
422 &ett_pkinit_PKAuthenticator,
423 &ett_pkinit_PaPkAsRep,
424 &ett_pkinit_KDCDHKeyInfo,
426 /*--- End of included file: packet-pkinit-ettarr.c ---*/
427 #line 95 "packet-pkinit-template.c"
430 /* Register protocol */
431 proto_pkinit = proto_register_protocol(PNAME, PSNAME, PFNAME);
433 /* Register fields and subtrees */
434 proto_register_field_array(proto_pkinit, hf, array_length(hf));
435 proto_register_subtree_array(ett, array_length(ett));
440 /*--- proto_reg_handoff_pkinit -------------------------------------------*/
441 void proto_reg_handoff_pkinit(void) {
443 /*--- Included file: packet-pkinit-dis-tab.c ---*/
444 #line 1 "packet-pkinit-dis-tab.c"
445 register_ber_oid_dissector("1.3.6.1.5.2.3.1", dissect_AuthPack_PDU, proto_pkinit, "id-pkauthdata");
446 register_ber_oid_dissector("1.3.6.1.5.2.3.2", dissect_KDCDHKeyInfo_PDU, proto_pkinit, "id-pkdhkeydata");
449 /*--- End of included file: packet-pkinit-dis-tab.c ---*/
450 #line 110 "packet-pkinit-template.c"