epan/dissectors/packet-x509af.c

   1 /* Do not modify this file.                                                   */
   2 /* It is created automatically by the ASN.1 to Ethereal dissector compiler    */
   3 /* ./packet-x509af.c                                                          */
   4 /* ../../tools/asn2eth.py -X -b -k -e -p x509af -c x509af.cnf -s packet-x509af-template AuthenticationFramework.asn */
   5
   6 /* Input file: packet-x509af-template.c */
   7
   8 /* packet-x509af.c
   9  * Routines for X.509 Authentication Framework packet dissection
  10  *  Ronnie Sahlberg 2004
  11  *
  12  * $Id: packet-x509af-template.c 12624 2004-11-30 04:08:16Z sahlberg $
  13  *
  14  * Ethereal - Network traffic analyzer
  15  * By Gerald Combs <gerald@ethereal.com>
  16  * Copyright 1998 Gerald Combs
  17  *
  18  * This program is free software; you can redistribute it and/or
  19  * modify it under the terms of the GNU General Public License
  20  * as published by the Free Software Foundation; either version 2
  21  * of the License, or (at your option) any later version.
  22  *
  23  * This program is distributed in the hope that it will be useful,
  24  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  26  * GNU General Public License for more details.
  27  *
  28  * You should have received a copy of the GNU General Public License
  29  * along with this program; if not, write to the Free Software
  30  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
  31  */
  32
  33 #ifdef HAVE_CONFIG_H
  34 # include "config.h"
  35 #endif
  36
  37 #include <glib.h>
  38 #include <epan/packet.h>
  39 #include <epan/conversation.h>
  40
  41 #include <stdio.h>
  42 #include <string.h>
  43
  44 #include "packet-ber.h"
  45 #include "packet-x509af.h"
  46 #include "packet-x509ce.h"
  47 #include "packet-x509if.h"
  48 #include "packet-x509sat.h"
  49
  50 #define PNAME  "X.509 Authentication Framework"
  51 #define PSNAME "X509AF"
  52 #define PFNAME "x509af"
  53
  54 /* Initialize the protocol and registered fields */
  55 static int proto_x509af = -1;
  56 static int hf_x509af_algorithm_id = -1;
  57 static int hf_x509af_extension_id = -1;
  58
  59 /*--- Included file: packet-x509af-hf.c ---*/
  60
  61 static int hf_x509af_Certificate_PDU = -1;        /* Certificate */
  62 static int hf_x509af_CertificatePair_PDU = -1;    /* CertificatePair */
  63 static int hf_x509af_CertificateList_PDU = -1;    /* CertificateList */
  64 static int hf_x509af_AttributeCertificate_PDU = -1;  /* AttributeCertificate */
  65 static int hf_x509af_signedCertificate = -1;      /* T_signedCertificate */
  66 static int hf_x509af_version = -1;                /* Version */
  67 static int hf_x509af_serialNumber = -1;           /* CertificateSerialNumber */
  68 static int hf_x509af_signature = -1;              /* AlgorithmIdentifier */
  69 static int hf_x509af_issuer = -1;                 /* Name */
  70 static int hf_x509af_validity = -1;               /* Validity */
  71 static int hf_x509af_subject = -1;                /* Name */
  72 static int hf_x509af_subjectPublicKeyInfo = -1;   /* SubjectPublicKeyInfo */
  73 static int hf_x509af_issuerUniqueIdentifier = -1;  /* UniqueIdentifier */
  74 static int hf_x509af_subjectUniqueIdentifier = -1;  /* UniqueIdentifier */
  75 static int hf_x509af_extensions = -1;             /* Extensions */
  76 static int hf_x509af_algorithmIdentifier = -1;    /* AlgorithmIdentifier */
  77 static int hf_x509af_encrypted = -1;              /* BIT_STRING */
  78 static int hf_x509af_algorithmId = -1;            /* T_algorithmId */
  79 static int hf_x509af_parameters = -1;             /* T_parameters */
  80 static int hf_x509af_notBefore = -1;              /* Time */
  81 static int hf_x509af_notAfter = -1;               /* Time */
  82 static int hf_x509af_algorithm = -1;              /* AlgorithmIdentifier */
  83 static int hf_x509af_subjectPublicKey = -1;       /* BIT_STRING */
  84 static int hf_x509af_utcTime = -1;                /* UTCTime */
  85 static int hf_x509af_generalizedTime = -1;        /* GeneralizedTime */
  86 static int hf_x509af_Extensions_item = -1;        /* Extension */
  87 static int hf_x509af_extnId = -1;                 /* T_extnId */
  88 static int hf_x509af_critical = -1;               /* BOOLEAN */
  89 static int hf_x509af_extnValue = -1;              /* T_extnValue */
  90 static int hf_x509af_userCertificate = -1;        /* Certificate */
  91 static int hf_x509af_certificationPath = -1;      /* ForwardCertificationPath */
  92 static int hf_x509af_ForwardCertificationPath_item = -1;  /* CrossCertificates */
  93 static int hf_x509af_CrossCertificates_item = -1;  /* Certificate */
  94 static int hf_x509af_theCACertificates = -1;      /* SEQUNCE_OF_CertificatePair */
  95 static int hf_x509af_theCACertificates_item = -1;  /* CertificatePair */
  96 static int hf_x509af_issuedByThisCA = -1;         /* Certificate */
  97 static int hf_x509af_issuedToThisCA = -1;         /* Certificate */
  98 static int hf_x509af_signedCertificateList = -1;  /* T_signedCertificateList */
  99 static int hf_x509af_thisUpdate = -1;             /* Time */
 100 static int hf_x509af_nextUpdate = -1;             /* Time */
 101 static int hf_x509af_revokedCertificates = -1;    /* T_revokedCertificates */
 102 static int hf_x509af_revokedCertificates_item = -1;  /* T_revokedCertificates_item */
 103 static int hf_x509af_revokedUserCertificate = -1;  /* CertificateSerialNumber */
 104 static int hf_x509af_revocationDate = -1;         /* Time */
 105 static int hf_x509af_crlEntryExtensions = -1;     /* Extensions */
 106 static int hf_x509af_crlExtensions = -1;          /* Extensions */
 107 static int hf_x509af_attributeCertificate = -1;   /* AttributeCertificate */
 108 static int hf_x509af_acPath = -1;                 /* SEQUNCE_OF_ACPathData */
 109 static int hf_x509af_acPath_item = -1;            /* ACPathData */
 110 static int hf_x509af_certificate = -1;            /* Certificate */
 111 static int hf_x509af_signedAttributeCertificateInfo = -1;  /* AttributeCertificateInfo */
 112 static int hf_x509af_info_subject = -1;           /* InfoSubject */
 113 static int hf_x509af_baseCertificateID = -1;      /* IssuerSerial */
 114 static int hf_x509af_infoSubjectName = -1;        /* GeneralNames */
 115 static int hf_x509af_issuerName = -1;             /* GeneralNames */
 116 static int hf_x509af_attCertValidityPeriod = -1;  /* AttCertValidityPeriod */
 117 static int hf_x509af_attributes = -1;             /* SEQUNCE_OF_Attribute */
 118 static int hf_x509af_attributes_item = -1;        /* Attribute */
 119 static int hf_x509af_issuerUniqueID = -1;         /* UniqueIdentifier */
 120 static int hf_x509af_serial = -1;                 /* CertificateSerialNumber */
 121 static int hf_x509af_issuerUID = -1;              /* UniqueIdentifier */
 122 static int hf_x509af_notBeforeTime = -1;          /* GeneralizedTime */
 123 static int hf_x509af_notAfterTime = -1;           /* GeneralizedTime */
 124 static int hf_x509af_assertion_subject = -1;      /* AssertionSubject */
 125 static int hf_x509af_assertionSubjectName = -1;   /* Name */
 126 static int hf_x509af_assertionIssuer = -1;        /* Name */
 127 static int hf_x509af_attCertValidity = -1;        /* GeneralizedTime */
 128 static int hf_x509af_attType = -1;                /* SET_OF_AttributeType */
 129 static int hf_x509af_attType_item = -1;           /* AttributeType */
 130
 131 /*--- End of included file: packet-x509af-hf.c ---*/
 132
 133
 134 /* Initialize the subtree pointers */
 135 static gint ett_pkix_crl = -1;
 136
 137 /*--- Included file: packet-x509af-ett.c ---*/
 138
 139 static gint ett_x509af_Certificate = -1;
 140 static gint ett_x509af_T_signedCertificate = -1;
 141 static gint ett_x509af_AlgorithmIdentifier = -1;
 142 static gint ett_x509af_Validity = -1;
 143 static gint ett_x509af_SubjectPublicKeyInfo = -1;
 144 static gint ett_x509af_Time = -1;
 145 static gint ett_x509af_Extensions = -1;
 146 static gint ett_x509af_Extension = -1;
 147 static gint ett_x509af_Certificates = -1;
 148 static gint ett_x509af_ForwardCertificationPath = -1;
 149 static gint ett_x509af_CrossCertificates = -1;
 150 static gint ett_x509af_CertificationPath = -1;
 151 static gint ett_x509af_SEQUNCE_OF_CertificatePair = -1;
 152 static gint ett_x509af_CertificatePair = -1;
 153 static gint ett_x509af_CertificateList = -1;
 154 static gint ett_x509af_T_signedCertificateList = -1;
 155 static gint ett_x509af_T_revokedCertificates = -1;
 156 static gint ett_x509af_T_revokedCertificates_item = -1;
 157 static gint ett_x509af_AttributeCertificationPath = -1;
 158 static gint ett_x509af_SEQUNCE_OF_ACPathData = -1;
 159 static gint ett_x509af_ACPathData = -1;
 160 static gint ett_x509af_AttributeCertificate = -1;
 161 static gint ett_x509af_AttributeCertificateInfo = -1;
 162 static gint ett_x509af_InfoSubject = -1;
 163 static gint ett_x509af_SEQUNCE_OF_Attribute = -1;
 164 static gint ett_x509af_IssuerSerial = -1;
 165 static gint ett_x509af_AttCertValidityPeriod = -1;
 166 static gint ett_x509af_AttributeCertificateAssertion = -1;
 167 static gint ett_x509af_AssertionSubject = -1;
 168 static gint ett_x509af_SET_OF_AttributeType = -1;
 169
 170 /*--- End of included file: packet-x509af-ett.c ---*/
 171
 172
 173 static char algorithm_id[64]; /*64 chars should be long enough? */
 174
 175
 176 static char extension_id[64]; /*64 chars should be long enough? */
 177
 178
 179
 180 /*--- Included file: packet-x509af-fn.c ---*/
 181
 182 /*--- Fields for imported types ---*/
 183
 184 static int dissect_issuer(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 185   return dissect_x509if_Name(FALSE, tvb, offset, pinfo, tree, hf_x509af_issuer);
 186 }
 187 static int dissect_subject(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 188   return dissect_x509if_Name(FALSE, tvb, offset, pinfo, tree, hf_x509af_subject);
 189 }
 190 static int dissect_issuerUniqueIdentifier_impl(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 191   return dissect_x509sat_UniqueIdentifier(TRUE, tvb, offset, pinfo, tree, hf_x509af_issuerUniqueIdentifier);
 192 }
 193 static int dissect_subjectUniqueIdentifier_impl(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 194   return dissect_x509sat_UniqueIdentifier(TRUE, tvb, offset, pinfo, tree, hf_x509af_subjectUniqueIdentifier);
 195 }
 196 static int dissect_infoSubjectName(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 197   return dissect_x509ce_GeneralNames(FALSE, tvb, offset, pinfo, tree, hf_x509af_infoSubjectName);
 198 }
 199 static int dissect_issuerName(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 200   return dissect_x509ce_GeneralNames(FALSE, tvb, offset, pinfo, tree, hf_x509af_issuerName);
 201 }
 202 static int dissect_attributes_item(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 203   return dissect_x509if_Attribute(FALSE, tvb, offset, pinfo, tree, hf_x509af_attributes_item);
 204 }
 205 static int dissect_issuerUniqueID(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 206   return dissect_x509sat_UniqueIdentifier(FALSE, tvb, offset, pinfo, tree, hf_x509af_issuerUniqueID);
 207 }
 208 static int dissect_issuerUID(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 209   return dissect_x509sat_UniqueIdentifier(FALSE, tvb, offset, pinfo, tree, hf_x509af_issuerUID);
 210 }
 211 static int dissect_assertionSubjectName(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 212   return dissect_x509if_Name(FALSE, tvb, offset, pinfo, tree, hf_x509af_assertionSubjectName);
 213 }
 214 static int dissect_assertionIssuer(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 215   return dissect_x509if_Name(FALSE, tvb, offset, pinfo, tree, hf_x509af_assertionIssuer);
 216 }
 217 static int dissect_attType_item(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 218   return dissect_x509if_AttributeType(FALSE, tvb, offset, pinfo, tree, hf_x509af_attType_item);
 219 }
 220
 221
 222 const value_string Version_vals[] = {
 223   {   0, "v1" },
 224   {   1, "v2" },
 225   {   2, "v3" },
 226   { 0, NULL }
 227 };
 228
 229
 230 int
 231 dissect_x509af_Version(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 232   offset = dissect_ber_integer(implicit_tag, pinfo, tree, tvb, offset, hf_index, NULL);
 233
 234   return offset;
 235 }
 236 static int dissect_version(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 237   return dissect_x509af_Version(FALSE, tvb, offset, pinfo, tree, hf_x509af_version);
 238 }
 239
 240
 241
 242 int
 243 dissect_x509af_CertificateSerialNumber(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 244   offset = dissect_ber_integer(implicit_tag, pinfo, tree, tvb, offset, hf_index, NULL);
 245
 246   return offset;
 247 }
 248 static int dissect_serialNumber(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 249   return dissect_x509af_CertificateSerialNumber(FALSE, tvb, offset, pinfo, tree, hf_x509af_serialNumber);
 250 }
 251 static int dissect_revokedUserCertificate(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 252   return dissect_x509af_CertificateSerialNumber(FALSE, tvb, offset, pinfo, tree, hf_x509af_revokedUserCertificate);
 253 }
 254 static int dissect_serial(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 255   return dissect_x509af_CertificateSerialNumber(FALSE, tvb, offset, pinfo, tree, hf_x509af_serial);
 256 }
 257
 258
 259 static int
 260 dissect_x509af_T_algorithmId(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 261   offset = dissect_ber_object_identifier(FALSE, pinfo, tree, tvb, offset,
 262                                  hf_x509af_algorithm_id, algorithm_id);
 263
 264
 265   return offset;
 266 }
 267 static int dissect_algorithmId(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 268   return dissect_x509af_T_algorithmId(FALSE, tvb, offset, pinfo, tree, hf_x509af_algorithmId);
 269 }
 270
 271
 272
 273 static int
 274 dissect_x509af_T_parameters(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 275   offset=call_ber_oid_callback(algorithm_id, tvb, offset, pinfo, tree);
 276
 277
 278   return offset;
 279 }
 280 static int dissect_parameters(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 281   return dissect_x509af_T_parameters(FALSE, tvb, offset, pinfo, tree, hf_x509af_parameters);
 282 }
 283
 284 static const ber_sequence AlgorithmIdentifier_sequence[] = {
 285   { BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_algorithmId },
 286   { BER_CLASS_ANY, 0, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_parameters },
 287   { 0, 0, 0, NULL }
 288 };
 289
 290 int
 291 dissect_x509af_AlgorithmIdentifier(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 292   offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
 293                                 AlgorithmIdentifier_sequence, hf_index, ett_x509af_AlgorithmIdentifier);
 294
 295   return offset;
 296 }
 297 static int dissect_signature(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 298   return dissect_x509af_AlgorithmIdentifier(FALSE, tvb, offset, pinfo, tree, hf_x509af_signature);
 299 }
 300 static int dissect_algorithmIdentifier(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 301   return dissect_x509af_AlgorithmIdentifier(FALSE, tvb, offset, pinfo, tree, hf_x509af_algorithmIdentifier);
 302 }
 303 static int dissect_algorithm(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 304   return dissect_x509af_AlgorithmIdentifier(FALSE, tvb, offset, pinfo, tree, hf_x509af_algorithm);
 305 }
 306
 307
 308 static int
 309 dissect_x509af_UTCTime(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 310   offset = dissect_ber_restricted_string(implicit_tag, BER_UNI_TAG_UTCTime,
 311                                          pinfo, tree, tvb, offset, hf_index,
 312                                          NULL);
 313
 314   return offset;
 315 }
 316 static int dissect_utcTime(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 317   return dissect_x509af_UTCTime(FALSE, tvb, offset, pinfo, tree, hf_x509af_utcTime);
 318 }
 319
 320
 321 static int
 322 dissect_x509af_GeneralizedTime(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 323   offset = dissect_ber_generalized_time(pinfo, tree, tvb, offset, hf_index);
 324
 325   return offset;
 326 }
 327 static int dissect_generalizedTime(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 328   return dissect_x509af_GeneralizedTime(FALSE, tvb, offset, pinfo, tree, hf_x509af_generalizedTime);
 329 }
 330 static int dissect_notBeforeTime(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 331   return dissect_x509af_GeneralizedTime(FALSE, tvb, offset, pinfo, tree, hf_x509af_notBeforeTime);
 332 }
 333 static int dissect_notAfterTime(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 334   return dissect_x509af_GeneralizedTime(FALSE, tvb, offset, pinfo, tree, hf_x509af_notAfterTime);
 335 }
 336 static int dissect_attCertValidity(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 337   return dissect_x509af_GeneralizedTime(FALSE, tvb, offset, pinfo, tree, hf_x509af_attCertValidity);
 338 }
 339
 340
 341 const value_string Time_vals[] = {
 342   {   0, "utcTime" },
 343   {   1, "generalizedTime" },
 344   { 0, NULL }
 345 };
 346
 347 static const ber_choice Time_choice[] = {
 348   {   0, BER_CLASS_UNI, BER_UNI_TAG_UTCTime, BER_FLAGS_NOOWNTAG, dissect_utcTime },
 349   {   1, BER_CLASS_UNI, BER_UNI_TAG_GeneralizedTime, BER_FLAGS_NOOWNTAG, dissect_generalizedTime },
 350   { 0, 0, 0, 0, NULL }
 351 };
 352
 353 int
 354 dissect_x509af_Time(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 355   offset = dissect_ber_choice(pinfo, tree, tvb, offset,
 356                               Time_choice, hf_index, ett_x509af_Time);
 357
 358   return offset;
 359 }
 360 static int dissect_notBefore(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 361   return dissect_x509af_Time(FALSE, tvb, offset, pinfo, tree, hf_x509af_notBefore);
 362 }
 363 static int dissect_notAfter(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 364   return dissect_x509af_Time(FALSE, tvb, offset, pinfo, tree, hf_x509af_notAfter);
 365 }
 366 static int dissect_thisUpdate(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 367   return dissect_x509af_Time(FALSE, tvb, offset, pinfo, tree, hf_x509af_thisUpdate);
 368 }
 369 static int dissect_nextUpdate(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 370   return dissect_x509af_Time(FALSE, tvb, offset, pinfo, tree, hf_x509af_nextUpdate);
 371 }
 372 static int dissect_revocationDate(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 373   return dissect_x509af_Time(FALSE, tvb, offset, pinfo, tree, hf_x509af_revocationDate);
 374 }
 375
 376 static const ber_sequence Validity_sequence[] = {
 377   { BER_CLASS_UNI, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_notBefore },
 378   { BER_CLASS_UNI, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_notAfter },
 379   { 0, 0, 0, NULL }
 380 };
 381
 382 int
 383 dissect_x509af_Validity(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 384   offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
 385                                 Validity_sequence, hf_index, ett_x509af_Validity);
 386
 387   return offset;
 388 }
 389 static int dissect_validity(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 390   return dissect_x509af_Validity(FALSE, tvb, offset, pinfo, tree, hf_x509af_validity);
 391 }
 392
 393
 394 static int
 395 dissect_x509af_BIT_STRING(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 396   offset = dissect_ber_bitstring(implicit_tag, pinfo, tree, tvb, offset,
 397                                  NULL, hf_index, -1,
 398                                  NULL);
 399
 400   return offset;
 401 }
 402 static int dissect_encrypted(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 403   return dissect_x509af_BIT_STRING(FALSE, tvb, offset, pinfo, tree, hf_x509af_encrypted);
 404 }
 405 static int dissect_subjectPublicKey(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 406   return dissect_x509af_BIT_STRING(FALSE, tvb, offset, pinfo, tree, hf_x509af_subjectPublicKey);
 407 }
 408
 409 static const ber_sequence SubjectPublicKeyInfo_sequence[] = {
 410   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_algorithm },
 411   { BER_CLASS_UNI, BER_UNI_TAG_BITSTRING, BER_FLAGS_NOOWNTAG, dissect_subjectPublicKey },
 412   { 0, 0, 0, NULL }
 413 };
 414
 415 int
 416 dissect_x509af_SubjectPublicKeyInfo(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 417   offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
 418                                 SubjectPublicKeyInfo_sequence, hf_index, ett_x509af_SubjectPublicKeyInfo);
 419
 420   return offset;
 421 }
 422 static int dissect_subjectPublicKeyInfo(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 423   return dissect_x509af_SubjectPublicKeyInfo(FALSE, tvb, offset, pinfo, tree, hf_x509af_subjectPublicKeyInfo);
 424 }
 425
 426
 427 static int
 428 dissect_x509af_T_extnId(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 429   offset = dissect_ber_object_identifier(FALSE, pinfo, tree, tvb, offset,
 430                                  hf_x509af_extension_id, extension_id);
 431
 432
 433   return offset;
 434 }
 435 static int dissect_extnId(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 436   return dissect_x509af_T_extnId(FALSE, tvb, offset, pinfo, tree, hf_x509af_extnId);
 437 }
 438
 439
 440 static int
 441 dissect_x509af_BOOLEAN(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 442   offset = dissect_ber_boolean(pinfo, tree, tvb, offset, hf_index);
 443
 444   return offset;
 445 }
 446 static int dissect_critical(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 447   return dissect_x509af_BOOLEAN(FALSE, tvb, offset, pinfo, tree, hf_x509af_critical);
 448 }
 449
 450
 451 static int
 452 dissect_x509af_T_extnValue(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 453   guint8 class;
 454   gboolean pc, ind;
 455   guint32 tag;
 456   guint32 len;
 457   /* skip past the T and L  */
 458   offset = dissect_ber_identifier(pinfo, tree, tvb, offset, &class, &pc, &tag);
 459   offset = dissect_ber_length(pinfo, tree, tvb, offset, &len, &ind);
 460   offset=call_ber_oid_callback(extension_id, tvb, offset, pinfo, tree);
 461
 462
 463   return offset;
 464 }
 465 static int dissect_extnValue(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 466   return dissect_x509af_T_extnValue(FALSE, tvb, offset, pinfo, tree, hf_x509af_extnValue);
 467 }
 468
 469 static const ber_sequence Extension_sequence[] = {
 470   { BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_extnId },
 471   { BER_CLASS_UNI, BER_UNI_TAG_BOOLEAN, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_critical },
 472   { BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_extnValue },
 473   { 0, 0, 0, NULL }
 474 };
 475
 476 int
 477 dissect_x509af_Extension(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 478   offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
 479                                 Extension_sequence, hf_index, ett_x509af_Extension);
 480
 481   return offset;
 482 }
 483 static int dissect_Extensions_item(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 484   return dissect_x509af_Extension(FALSE, tvb, offset, pinfo, tree, hf_x509af_Extensions_item);
 485 }
 486
 487 static const ber_sequence Extensions_sequence_of[1] = {
 488   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_Extensions_item },
 489 };
 490
 491 int
 492 dissect_x509af_Extensions(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 493   offset = dissect_ber_sequence_of(implicit_tag, pinfo, tree, tvb, offset,
 494                                    Extensions_sequence_of, hf_index, ett_x509af_Extensions);
 495
 496   return offset;
 497 }
 498 static int dissect_extensions(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 499   return dissect_x509af_Extensions(FALSE, tvb, offset, pinfo, tree, hf_x509af_extensions);
 500 }
 501 static int dissect_crlEntryExtensions(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 502   return dissect_x509af_Extensions(FALSE, tvb, offset, pinfo, tree, hf_x509af_crlEntryExtensions);
 503 }
 504 static int dissect_crlExtensions(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 505   return dissect_x509af_Extensions(FALSE, tvb, offset, pinfo, tree, hf_x509af_crlExtensions);
 506 }
 507
 508 static const ber_sequence T_signedCertificate_sequence[] = {
 509   { BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_version },
 510   { BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_serialNumber },
 511   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_signature },
 512   { BER_CLASS_UNI, -1/*choice*/, BER_FLAGS_NOOWNTAG, dissect_issuer },
 513   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_validity },
 514   { BER_CLASS_UNI, -1/*choice*/, BER_FLAGS_NOOWNTAG, dissect_subject },
 515   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_subjectPublicKeyInfo },
 516   { BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL|BER_FLAGS_IMPLTAG, dissect_issuerUniqueIdentifier_impl },
 517   { BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL|BER_FLAGS_IMPLTAG, dissect_subjectUniqueIdentifier_impl },
 518   { BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_extensions },
 519   { 0, 0, 0, NULL }
 520 };
 521
 522 static int
 523 dissect_x509af_T_signedCertificate(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 524   offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
 525                                 T_signedCertificate_sequence, hf_index, ett_x509af_T_signedCertificate);
 526
 527   return offset;
 528 }
 529 static int dissect_signedCertificate(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 530   return dissect_x509af_T_signedCertificate(FALSE, tvb, offset, pinfo, tree, hf_x509af_signedCertificate);
 531 }
 532
 533 static const ber_sequence Certificate_sequence[] = {
 534   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_signedCertificate },
 535   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_algorithmIdentifier },
 536   { BER_CLASS_UNI, BER_UNI_TAG_BITSTRING, BER_FLAGS_NOOWNTAG, dissect_encrypted },
 537   { 0, 0, 0, NULL }
 538 };
 539
 540 int
 541 dissect_x509af_Certificate(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 542   offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
 543                                 Certificate_sequence, hf_index, ett_x509af_Certificate);
 544
 545   return offset;
 546 }
 547 static int dissect_userCertificate(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 548   return dissect_x509af_Certificate(FALSE, tvb, offset, pinfo, tree, hf_x509af_userCertificate);
 549 }
 550 static int dissect_CrossCertificates_item(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 551   return dissect_x509af_Certificate(FALSE, tvb, offset, pinfo, tree, hf_x509af_CrossCertificates_item);
 552 }
 553 static int dissect_issuedByThisCA(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 554   return dissect_x509af_Certificate(FALSE, tvb, offset, pinfo, tree, hf_x509af_issuedByThisCA);
 555 }
 556 static int dissect_issuedToThisCA(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 557   return dissect_x509af_Certificate(FALSE, tvb, offset, pinfo, tree, hf_x509af_issuedToThisCA);
 558 }
 559 static int dissect_certificate(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 560   return dissect_x509af_Certificate(FALSE, tvb, offset, pinfo, tree, hf_x509af_certificate);
 561 }
 562
 563 static const ber_sequence CrossCertificates_set_of[1] = {
 564   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_CrossCertificates_item },
 565 };
 566
 567 int
 568 dissect_x509af_CrossCertificates(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 569   offset = dissect_ber_set_of(implicit_tag, pinfo, tree, tvb, offset,
 570                               CrossCertificates_set_of, hf_index, ett_x509af_CrossCertificates);
 571
 572   return offset;
 573 }
 574 static int dissect_ForwardCertificationPath_item(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 575   return dissect_x509af_CrossCertificates(FALSE, tvb, offset, pinfo, tree, hf_x509af_ForwardCertificationPath_item);
 576 }
 577
 578 static const ber_sequence ForwardCertificationPath_sequence_of[1] = {
 579   { BER_CLASS_UNI, BER_UNI_TAG_SET, BER_FLAGS_NOOWNTAG, dissect_ForwardCertificationPath_item },
 580 };
 581
 582 int
 583 dissect_x509af_ForwardCertificationPath(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 584   offset = dissect_ber_sequence_of(implicit_tag, pinfo, tree, tvb, offset,
 585                                    ForwardCertificationPath_sequence_of, hf_index, ett_x509af_ForwardCertificationPath);
 586
 587   return offset;
 588 }
 589 static int dissect_certificationPath(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 590   return dissect_x509af_ForwardCertificationPath(FALSE, tvb, offset, pinfo, tree, hf_x509af_certificationPath);
 591 }
 592
 593 static const ber_sequence Certificates_sequence[] = {
 594   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_userCertificate },
 595   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_certificationPath },
 596   { 0, 0, 0, NULL }
 597 };
 598
 599 int
 600 dissect_x509af_Certificates(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 601   offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
 602                                 Certificates_sequence, hf_index, ett_x509af_Certificates);
 603
 604   return offset;
 605 }
 606
 607 static const ber_sequence CertificatePair_sequence[] = {
 608   { BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_issuedByThisCA },
 609   { BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_issuedToThisCA },
 610   { 0, 0, 0, NULL }
 611 };
 612
 613 int
 614 dissect_x509af_CertificatePair(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 615   offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
 616                                 CertificatePair_sequence, hf_index, ett_x509af_CertificatePair);
 617
 618   return offset;
 619 }
 620 static int dissect_theCACertificates_item(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 621   return dissect_x509af_CertificatePair(FALSE, tvb, offset, pinfo, tree, hf_x509af_theCACertificates_item);
 622 }
 623
 624 static const ber_sequence SEQUNCE_OF_CertificatePair_sequence_of[1] = {
 625   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_theCACertificates_item },
 626 };
 627
 628 static int
 629 dissect_x509af_SEQUNCE_OF_CertificatePair(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 630   offset = dissect_ber_sequence_of(implicit_tag, pinfo, tree, tvb, offset,
 631                                    SEQUNCE_OF_CertificatePair_sequence_of, hf_index, ett_x509af_SEQUNCE_OF_CertificatePair);
 632
 633   return offset;
 634 }
 635 static int dissect_theCACertificates(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 636   return dissect_x509af_SEQUNCE_OF_CertificatePair(FALSE, tvb, offset, pinfo, tree, hf_x509af_theCACertificates);
 637 }
 638
 639 static const ber_sequence CertificationPath_sequence[] = {
 640   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_userCertificate },
 641   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_theCACertificates },
 642   { 0, 0, 0, NULL }
 643 };
 644
 645 int
 646 dissect_x509af_CertificationPath(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 647   offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
 648                                 CertificationPath_sequence, hf_index, ett_x509af_CertificationPath);
 649
 650   return offset;
 651 }
 652
 653 static const ber_sequence T_revokedCertificates_item_sequence[] = {
 654   { BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_revokedUserCertificate },
 655   { BER_CLASS_UNI, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_revocationDate },
 656   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_crlEntryExtensions },
 657   { 0, 0, 0, NULL }
 658 };
 659
 660 static int
 661 dissect_x509af_T_revokedCertificates_item(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 662   offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
 663                                 T_revokedCertificates_item_sequence, hf_index, ett_x509af_T_revokedCertificates_item);
 664
 665   return offset;
 666 }
 667 static int dissect_revokedCertificates_item(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 668   return dissect_x509af_T_revokedCertificates_item(FALSE, tvb, offset, pinfo, tree, hf_x509af_revokedCertificates_item);
 669 }
 670
 671 static const ber_sequence T_revokedCertificates_sequence_of[1] = {
 672   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_revokedCertificates_item },
 673 };
 674
 675 static int
 676 dissect_x509af_T_revokedCertificates(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 677   offset = dissect_ber_sequence_of(implicit_tag, pinfo, tree, tvb, offset,
 678                                    T_revokedCertificates_sequence_of, hf_index, ett_x509af_T_revokedCertificates);
 679
 680   return offset;
 681 }
 682 static int dissect_revokedCertificates(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 683   return dissect_x509af_T_revokedCertificates(FALSE, tvb, offset, pinfo, tree, hf_x509af_revokedCertificates);
 684 }
 685
 686 static const ber_sequence T_signedCertificateList_sequence[] = {
 687   { BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_version },
 688   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_signature },
 689   { BER_CLASS_UNI, -1/*choice*/, BER_FLAGS_NOOWNTAG, dissect_issuer },
 690   { BER_CLASS_UNI, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_thisUpdate },
 691   { BER_CLASS_UNI, -1/*choice*/, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_nextUpdate },
 692   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_revokedCertificates },
 693   { BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_crlExtensions },
 694   { 0, 0, 0, NULL }
 695 };
 696
 697 static int
 698 dissect_x509af_T_signedCertificateList(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 699   offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
 700                                 T_signedCertificateList_sequence, hf_index, ett_x509af_T_signedCertificateList);
 701
 702   return offset;
 703 }
 704 static int dissect_signedCertificateList(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 705   return dissect_x509af_T_signedCertificateList(FALSE, tvb, offset, pinfo, tree, hf_x509af_signedCertificateList);
 706 }
 707
 708 static const ber_sequence CertificateList_sequence[] = {
 709   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_signedCertificateList },
 710   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_algorithmIdentifier },
 711   { BER_CLASS_UNI, BER_UNI_TAG_BITSTRING, BER_FLAGS_NOOWNTAG, dissect_encrypted },
 712   { 0, 0, 0, NULL }
 713 };
 714
 715 int
 716 dissect_x509af_CertificateList(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 717   offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
 718                                 CertificateList_sequence, hf_index, ett_x509af_CertificateList);
 719
 720   return offset;
 721 }
 722
 723 static const ber_sequence IssuerSerial_sequence[] = {
 724   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_issuerName },
 725   { BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_serial },
 726   { BER_CLASS_UNI, BER_UNI_TAG_BITSTRING, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_issuerUID },
 727   { 0, 0, 0, NULL }
 728 };
 729
 730 int
 731 dissect_x509af_IssuerSerial(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 732   offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
 733                                 IssuerSerial_sequence, hf_index, ett_x509af_IssuerSerial);
 734
 735   return offset;
 736 }
 737 static int dissect_baseCertificateID(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 738   return dissect_x509af_IssuerSerial(FALSE, tvb, offset, pinfo, tree, hf_x509af_baseCertificateID);
 739 }
 740
 741
 742 static const value_string InfoSubject_vals[] = {
 743   {   0, "baseCertificateID" },
 744   {   1, "subjectName" },
 745   { 0, NULL }
 746 };
 747
 748 static const ber_choice InfoSubject_choice[] = {
 749   {   0, BER_CLASS_CON, 0, 0, dissect_baseCertificateID },
 750   {   1, BER_CLASS_CON, 1, 0, dissect_infoSubjectName },
 751   { 0, 0, 0, 0, NULL }
 752 };
 753
 754 static int
 755 dissect_x509af_InfoSubject(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 756   offset = dissect_ber_choice(pinfo, tree, tvb, offset,
 757                               InfoSubject_choice, hf_index, ett_x509af_InfoSubject);
 758
 759   return offset;
 760 }
 761 static int dissect_info_subject(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 762   return dissect_x509af_InfoSubject(FALSE, tvb, offset, pinfo, tree, hf_x509af_info_subject);
 763 }
 764
 765 static const ber_sequence AttCertValidityPeriod_sequence[] = {
 766   { BER_CLASS_UNI, BER_UNI_TAG_GeneralizedTime, BER_FLAGS_NOOWNTAG, dissect_notBeforeTime },
 767   { BER_CLASS_UNI, BER_UNI_TAG_GeneralizedTime, BER_FLAGS_NOOWNTAG, dissect_notAfterTime },
 768   { 0, 0, 0, NULL }
 769 };
 770
 771 int
 772 dissect_x509af_AttCertValidityPeriod(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 773   offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
 774                                 AttCertValidityPeriod_sequence, hf_index, ett_x509af_AttCertValidityPeriod);
 775
 776   return offset;
 777 }
 778 static int dissect_attCertValidityPeriod(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 779   return dissect_x509af_AttCertValidityPeriod(FALSE, tvb, offset, pinfo, tree, hf_x509af_attCertValidityPeriod);
 780 }
 781
 782 static const ber_sequence SEQUNCE_OF_Attribute_sequence_of[1] = {
 783   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_attributes_item },
 784 };
 785
 786 static int
 787 dissect_x509af_SEQUNCE_OF_Attribute(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 788   offset = dissect_ber_sequence_of(implicit_tag, pinfo, tree, tvb, offset,
 789                                    SEQUNCE_OF_Attribute_sequence_of, hf_index, ett_x509af_SEQUNCE_OF_Attribute);
 790
 791   return offset;
 792 }
 793 static int dissect_attributes(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 794   return dissect_x509af_SEQUNCE_OF_Attribute(FALSE, tvb, offset, pinfo, tree, hf_x509af_attributes);
 795 }
 796
 797 static const ber_sequence AttributeCertificateInfo_sequence[] = {
 798   { BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_version },
 799   { BER_CLASS_CON, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_info_subject },
 800   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_issuerName },
 801   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_signature },
 802   { BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_serialNumber },
 803   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_attCertValidityPeriod },
 804   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_attributes },
 805   { BER_CLASS_UNI, BER_UNI_TAG_BITSTRING, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_issuerUniqueID },
 806   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_extensions },
 807   { 0, 0, 0, NULL }
 808 };
 809
 810 int
 811 dissect_x509af_AttributeCertificateInfo(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 812   offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
 813                                 AttributeCertificateInfo_sequence, hf_index, ett_x509af_AttributeCertificateInfo);
 814
 815   return offset;
 816 }
 817 static int dissect_signedAttributeCertificateInfo(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 818   return dissect_x509af_AttributeCertificateInfo(FALSE, tvb, offset, pinfo, tree, hf_x509af_signedAttributeCertificateInfo);
 819 }
 820
 821 static const ber_sequence AttributeCertificate_sequence[] = {
 822   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_signedAttributeCertificateInfo },
 823   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_algorithmIdentifier },
 824   { BER_CLASS_UNI, BER_UNI_TAG_BITSTRING, BER_FLAGS_NOOWNTAG, dissect_encrypted },
 825   { 0, 0, 0, NULL }
 826 };
 827
 828 int
 829 dissect_x509af_AttributeCertificate(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 830   offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
 831                                 AttributeCertificate_sequence, hf_index, ett_x509af_AttributeCertificate);
 832
 833   return offset;
 834 }
 835 static int dissect_attributeCertificate(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 836   return dissect_x509af_AttributeCertificate(FALSE, tvb, offset, pinfo, tree, hf_x509af_attributeCertificate);
 837 }
 838
 839 static const ber_sequence ACPathData_sequence[] = {
 840   { BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_certificate },
 841   { BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_attributeCertificate },
 842   { 0, 0, 0, NULL }
 843 };
 844
 845 int
 846 dissect_x509af_ACPathData(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 847   offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
 848                                 ACPathData_sequence, hf_index, ett_x509af_ACPathData);
 849
 850   return offset;
 851 }
 852 static int dissect_acPath_item(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 853   return dissect_x509af_ACPathData(FALSE, tvb, offset, pinfo, tree, hf_x509af_acPath_item);
 854 }
 855
 856 static const ber_sequence SEQUNCE_OF_ACPathData_sequence_of[1] = {
 857   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_acPath_item },
 858 };
 859
 860 static int
 861 dissect_x509af_SEQUNCE_OF_ACPathData(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 862   offset = dissect_ber_sequence_of(implicit_tag, pinfo, tree, tvb, offset,
 863                                    SEQUNCE_OF_ACPathData_sequence_of, hf_index, ett_x509af_SEQUNCE_OF_ACPathData);
 864
 865   return offset;
 866 }
 867 static int dissect_acPath(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 868   return dissect_x509af_SEQUNCE_OF_ACPathData(FALSE, tvb, offset, pinfo, tree, hf_x509af_acPath);
 869 }
 870
 871 static const ber_sequence AttributeCertificationPath_sequence[] = {
 872   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_attributeCertificate },
 873   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_acPath },
 874   { 0, 0, 0, NULL }
 875 };
 876
 877 int
 878 dissect_x509af_AttributeCertificationPath(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 879   offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
 880                                 AttributeCertificationPath_sequence, hf_index, ett_x509af_AttributeCertificationPath);
 881
 882   return offset;
 883 }
 884
 885
 886 static const value_string AssertionSubject_vals[] = {
 887   {   0, "baseCertificateID" },
 888   {   1, "subjectName" },
 889   { 0, NULL }
 890 };
 891
 892 static const ber_choice AssertionSubject_choice[] = {
 893   {   0, BER_CLASS_CON, 0, 0, dissect_baseCertificateID },
 894   {   1, BER_CLASS_CON, 1, 0, dissect_assertionSubjectName },
 895   { 0, 0, 0, 0, NULL }
 896 };
 897
 898 static int
 899 dissect_x509af_AssertionSubject(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 900   offset = dissect_ber_choice(pinfo, tree, tvb, offset,
 901                               AssertionSubject_choice, hf_index, ett_x509af_AssertionSubject);
 902
 903   return offset;
 904 }
 905 static int dissect_assertion_subject(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 906   return dissect_x509af_AssertionSubject(FALSE, tvb, offset, pinfo, tree, hf_x509af_assertion_subject);
 907 }
 908
 909 static const ber_sequence SET_OF_AttributeType_set_of[1] = {
 910   { BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_attType_item },
 911 };
 912
 913 static int
 914 dissect_x509af_SET_OF_AttributeType(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 915   offset = dissect_ber_set_of(implicit_tag, pinfo, tree, tvb, offset,
 916                               SET_OF_AttributeType_set_of, hf_index, ett_x509af_SET_OF_AttributeType);
 917
 918   return offset;
 919 }
 920 static int dissect_attType(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
 921   return dissect_x509af_SET_OF_AttributeType(FALSE, tvb, offset, pinfo, tree, hf_x509af_attType);
 922 }
 923
 924 static const ber_sequence AttributeCertificateAssertion_sequence[] = {
 925   { BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_assertion_subject },
 926   { BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_assertionIssuer },
 927   { BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_attCertValidity },
 928   { BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_attType },
 929   { 0, 0, 0, NULL }
 930 };
 931
 932 int
 933 dissect_x509af_AttributeCertificateAssertion(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
 934   offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
 935                                 AttributeCertificateAssertion_sequence, hf_index, ett_x509af_AttributeCertificateAssertion);
 936
 937   return offset;
 938 }
 939
 940 /*--- PDUs ---*/
 941
 942 static void dissect_Certificate_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
 943   dissect_x509af_Certificate(FALSE, tvb, 0, pinfo, tree, hf_x509af_Certificate_PDU);
 944 }
 945 static void dissect_CertificatePair_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
 946   dissect_x509af_CertificatePair(FALSE, tvb, 0, pinfo, tree, hf_x509af_CertificatePair_PDU);
 947 }
 948 static void dissect_CertificateList_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
 949   dissect_x509af_CertificateList(FALSE, tvb, 0, pinfo, tree, hf_x509af_CertificateList_PDU);
 950 }
 951 static void dissect_AttributeCertificate_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
 952   dissect_x509af_AttributeCertificate(FALSE, tvb, 0, pinfo, tree, hf_x509af_AttributeCertificate_PDU);
 953 }
 954
 955
 956 /*--- End of included file: packet-x509af-fn.c ---*/
 957
 958
 959
 960 static int
 961 dissect_pkix_crl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
 962 {
 963         proto_item *item=NULL;
 964         proto_tree *tree=NULL;
 965
 966         if (check_col(pinfo->cinfo, COL_PROTOCOL))
 967                 col_set_str(pinfo->cinfo, COL_PROTOCOL, "PKIX-CRL");
 968
 969         if (check_col(pinfo->cinfo, COL_INFO)) {
 970                 col_clear(pinfo->cinfo, COL_INFO);
 971
 972                 col_add_fstr(pinfo->cinfo, COL_INFO, "Certificate Revocation List");
 973         }
 974
 975
 976         if(parent_tree){
 977                 item=proto_tree_add_text(parent_tree, tvb, 0, -1, "Certificate Revocation List");
 978                 tree = proto_item_add_subtree(item, ett_pkix_crl);
 979         }
 980
 981         return dissect_x509af_CertificateList(FALSE, tvb, 0, pinfo, tree, -1);
 982 }
 983
 984 /*--- proto_register_x509af ----------------------------------------------*/
 985 void proto_register_x509af(void) {
 986
 987   /* List of fields */
 988   static hf_register_info hf[] = {
 989     { &hf_x509af_algorithm_id,
 990       { "Algorithm Id", "x509af.algorithm.id",
 991         FT_STRING, BASE_NONE, NULL, 0,
 992         "Algorithm Id", HFILL }},
 993     { &hf_x509af_extension_id,
 994       { "Extension Id", "x509af.extension.id",
 995         FT_STRING, BASE_NONE, NULL, 0,
 996         "Extension Id", HFILL }},
 997
 998 /*--- Included file: packet-x509af-hfarr.c ---*/
 999
1000     { &hf_x509af_Certificate_PDU,
1001       { "Certificate", "x509af.Certificate",
1002         FT_NONE, BASE_NONE, NULL, 0,
1003         "Certificate", HFILL }},
1004     { &hf_x509af_CertificatePair_PDU,
1005       { "CertificatePair", "x509af.CertificatePair",
1006         FT_NONE, BASE_NONE, NULL, 0,
1007         "CertificatePair", HFILL }},
1008     { &hf_x509af_CertificateList_PDU,
1009       { "CertificateList", "x509af.CertificateList",
1010         FT_NONE, BASE_NONE, NULL, 0,
1011         "CertificateList", HFILL }},
1012     { &hf_x509af_AttributeCertificate_PDU,
1013       { "AttributeCertificate", "x509af.AttributeCertificate",
1014         FT_NONE, BASE_NONE, NULL, 0,
1015         "AttributeCertificate", HFILL }},
1016     { &hf_x509af_signedCertificate,
1017       { "signedCertificate", "x509af.signedCertificate",
1018         FT_NONE, BASE_NONE, NULL, 0,
1019         "Certificate/signedCertificate", HFILL }},
1020     { &hf_x509af_version,
1021       { "version", "x509af.version",
1022         FT_INT32, BASE_DEC, VALS(Version_vals), 0,
1023         "", HFILL }},
1024     { &hf_x509af_serialNumber,
1025       { "serialNumber", "x509af.serialNumber",
1026         FT_INT32, BASE_DEC, NULL, 0,
1027         "", HFILL }},
1028     { &hf_x509af_signature,
1029       { "signature", "x509af.signature",
1030         FT_NONE, BASE_NONE, NULL, 0,
1031         "", HFILL }},
1032     { &hf_x509af_issuer,
1033       { "issuer", "x509af.issuer",
1034         FT_UINT32, BASE_DEC, VALS(Name_vals), 0,
1035         "", HFILL }},
1036     { &hf_x509af_validity,
1037       { "validity", "x509af.validity",
1038         FT_NONE, BASE_NONE, NULL, 0,
1039         "Certificate/signedCertificate/validity", HFILL }},
1040     { &hf_x509af_subject,
1041       { "subject", "x509af.subject",
1042         FT_UINT32, BASE_DEC, VALS(Name_vals), 0,
1043         "Certificate/signedCertificate/subject", HFILL }},
1044     { &hf_x509af_subjectPublicKeyInfo,
1045       { "subjectPublicKeyInfo", "x509af.subjectPublicKeyInfo",
1046         FT_NONE, BASE_NONE, NULL, 0,
1047         "Certificate/signedCertificate/subjectPublicKeyInfo", HFILL }},
1048     { &hf_x509af_issuerUniqueIdentifier,
1049       { "issuerUniqueIdentifier", "x509af.issuerUniqueIdentifier",
1050         FT_BYTES, BASE_HEX, NULL, 0,
1051         "Certificate/signedCertificate/issuerUniqueIdentifier", HFILL }},
1052     { &hf_x509af_subjectUniqueIdentifier,
1053       { "subjectUniqueIdentifier", "x509af.subjectUniqueIdentifier",
1054         FT_BYTES, BASE_HEX, NULL, 0,
1055         "Certificate/signedCertificate/subjectUniqueIdentifier", HFILL }},
1056     { &hf_x509af_extensions,
1057       { "extensions", "x509af.extensions",
1058         FT_NONE, BASE_NONE, NULL, 0,
1059         "", HFILL }},
1060     { &hf_x509af_algorithmIdentifier,
1061       { "algorithmIdentifier", "x509af.algorithmIdentifier",
1062         FT_NONE, BASE_NONE, NULL, 0,
1063         "", HFILL }},
1064     { &hf_x509af_encrypted,
1065       { "encrypted", "x509af.encrypted",
1066         FT_BYTES, BASE_HEX, NULL, 0,
1067         "", HFILL }},
1068     { &hf_x509af_algorithmId,
1069       { "algorithmId", "x509af.algorithmId",
1070         FT_STRING, BASE_NONE, NULL, 0,
1071         "AlgorithmIdentifier/algorithmId", HFILL }},
1072     { &hf_x509af_parameters,
1073       { "parameters", "x509af.parameters",
1074         FT_NONE, BASE_NONE, NULL, 0,
1075         "AlgorithmIdentifier/parameters", HFILL }},
1076     { &hf_x509af_notBefore,
1077       { "notBefore", "x509af.notBefore",
1078         FT_UINT32, BASE_DEC, VALS(Time_vals), 0,
1079         "Validity/notBefore", HFILL }},
1080     { &hf_x509af_notAfter,
1081       { "notAfter", "x509af.notAfter",
1082         FT_UINT32, BASE_DEC, VALS(Time_vals), 0,
1083         "Validity/notAfter", HFILL }},
1084     { &hf_x509af_algorithm,
1085       { "algorithm", "x509af.algorithm",
1086         FT_NONE, BASE_NONE, NULL, 0,
1087         "SubjectPublicKeyInfo/algorithm", HFILL }},
1088     { &hf_x509af_subjectPublicKey,
1089       { "subjectPublicKey", "x509af.subjectPublicKey",
1090         FT_BYTES, BASE_HEX, NULL, 0,
1091         "SubjectPublicKeyInfo/subjectPublicKey", HFILL }},
1092     { &hf_x509af_utcTime,
1093       { "utcTime", "x509af.utcTime",
1094         FT_STRING, BASE_NONE, NULL, 0,
1095         "Time/utcTime", HFILL }},
1096     { &hf_x509af_generalizedTime,
1097       { "generalizedTime", "x509af.generalizedTime",
1098         FT_STRING, BASE_NONE, NULL, 0,
1099         "Time/generalizedTime", HFILL }},
1100     { &hf_x509af_Extensions_item,
1101       { "Item", "x509af.Extensions_item",
1102         FT_NONE, BASE_NONE, NULL, 0,
1103         "Extensions/_item", HFILL }},
1104     { &hf_x509af_extnId,
1105       { "extnId", "x509af.extnId",
1106         FT_STRING, BASE_NONE, NULL, 0,
1107         "Extension/extnId", HFILL }},
1108     { &hf_x509af_critical,
1109       { "critical", "x509af.critical",
1110         FT_BOOLEAN, 8, NULL, 0,
1111         "Extension/critical", HFILL }},
1112     { &hf_x509af_extnValue,
1113       { "extnValue", "x509af.extnValue",
1114         FT_BYTES, BASE_HEX, NULL, 0,
1115         "Extension/extnValue", HFILL }},
1116     { &hf_x509af_userCertificate,
1117       { "userCertificate", "x509af.userCertificate",
1118         FT_NONE, BASE_NONE, NULL, 0,
1119         "", HFILL }},
1120     { &hf_x509af_certificationPath,
1121       { "certificationPath", "x509af.certificationPath",
1122         FT_NONE, BASE_NONE, NULL, 0,
1123         "Certificates/certificationPath", HFILL }},
1124     { &hf_x509af_ForwardCertificationPath_item,
1125       { "Item", "x509af.ForwardCertificationPath_item",
1126         FT_NONE, BASE_NONE, NULL, 0,
1127         "ForwardCertificationPath/_item", HFILL }},
1128     { &hf_x509af_CrossCertificates_item,
1129       { "Item", "x509af.CrossCertificates_item",
1130         FT_NONE, BASE_NONE, NULL, 0,
1131         "CrossCertificates/_item", HFILL }},
1132     { &hf_x509af_theCACertificates,
1133       { "theCACertificates", "x509af.theCACertificates",
1134         FT_NONE, BASE_NONE, NULL, 0,
1135         "CertificationPath/theCACertificates", HFILL }},
1136     { &hf_x509af_theCACertificates_item,
1137       { "Item", "x509af.theCACertificates_item",
1138         FT_NONE, BASE_NONE, NULL, 0,
1139         "CertificationPath/theCACertificates/_item", HFILL }},
1140     { &hf_x509af_issuedByThisCA,
1141       { "issuedByThisCA", "x509af.issuedByThisCA",
1142         FT_NONE, BASE_NONE, NULL, 0,
1143         "CertificatePair/issuedByThisCA", HFILL }},
1144     { &hf_x509af_issuedToThisCA,
1145       { "issuedToThisCA", "x509af.issuedToThisCA",
1146         FT_NONE, BASE_NONE, NULL, 0,
1147         "CertificatePair/issuedToThisCA", HFILL }},
1148     { &hf_x509af_signedCertificateList,
1149       { "signedCertificateList", "x509af.signedCertificateList",
1150         FT_NONE, BASE_NONE, NULL, 0,
1151         "CertificateList/signedCertificateList", HFILL }},
1152     { &hf_x509af_thisUpdate,
1153       { "thisUpdate", "x509af.thisUpdate",
1154         FT_UINT32, BASE_DEC, VALS(Time_vals), 0,
1155         "CertificateList/signedCertificateList/thisUpdate", HFILL }},
1156     { &hf_x509af_nextUpdate,
1157       { "nextUpdate", "x509af.nextUpdate",
1158         FT_UINT32, BASE_DEC, VALS(Time_vals), 0,
1159         "CertificateList/signedCertificateList/nextUpdate", HFILL }},
1160     { &hf_x509af_revokedCertificates,
1161       { "revokedCertificates", "x509af.revokedCertificates",
1162         FT_NONE, BASE_NONE, NULL, 0,
1163         "CertificateList/signedCertificateList/revokedCertificates", HFILL }},
1164     { &hf_x509af_revokedCertificates_item,
1165       { "Item", "x509af.revokedCertificates_item",
1166         FT_NONE, BASE_NONE, NULL, 0,
1167         "CertificateList/signedCertificateList/revokedCertificates/_item", HFILL }},
1168     { &hf_x509af_revokedUserCertificate,
1169       { "userCertificate", "x509af.userCertificate",
1170         FT_INT32, BASE_DEC, NULL, 0,
1171         "CertificateList/signedCertificateList/revokedCertificates/_item/userCertificate", HFILL }},
1172     { &hf_x509af_revocationDate,
1173       { "revocationDate", "x509af.revocationDate",
1174         FT_UINT32, BASE_DEC, VALS(Time_vals), 0,
1175         "CertificateList/signedCertificateList/revokedCertificates/_item/revocationDate", HFILL }},
1176     { &hf_x509af_crlEntryExtensions,
1177       { "crlEntryExtensions", "x509af.crlEntryExtensions",
1178         FT_NONE, BASE_NONE, NULL, 0,
1179         "CertificateList/signedCertificateList/revokedCertificates/_item/crlEntryExtensions", HFILL }},
1180     { &hf_x509af_crlExtensions,
1181       { "crlExtensions", "x509af.crlExtensions",
1182         FT_NONE, BASE_NONE, NULL, 0,
1183         "CertificateList/signedCertificateList/crlExtensions", HFILL }},
1184     { &hf_x509af_attributeCertificate,
1185       { "attributeCertificate", "x509af.attributeCertificate",
1186         FT_NONE, BASE_NONE, NULL, 0,
1187         "", HFILL }},
1188     { &hf_x509af_acPath,
1189       { "acPath", "x509af.acPath",
1190         FT_NONE, BASE_NONE, NULL, 0,
1191         "AttributeCertificationPath/acPath", HFILL }},
1192     { &hf_x509af_acPath_item,
1193       { "Item", "x509af.acPath_item",
1194         FT_NONE, BASE_NONE, NULL, 0,
1195         "AttributeCertificationPath/acPath/_item", HFILL }},
1196     { &hf_x509af_certificate,
1197       { "certificate", "x509af.certificate",
1198         FT_NONE, BASE_NONE, NULL, 0,
1199         "ACPathData/certificate", HFILL }},
1200     { &hf_x509af_signedAttributeCertificateInfo,
1201       { "signedAttributeCertificateInfo", "x509af.signedAttributeCertificateInfo",
1202         FT_NONE, BASE_NONE, NULL, 0,
1203         "AttributeCertificate/signedAttributeCertificateInfo", HFILL }},
1204     { &hf_x509af_info_subject,
1205       { "subject", "x509af.subject",
1206         FT_UINT32, BASE_DEC, VALS(InfoSubject_vals), 0,
1207         "AttributeCertificateInfo/subject", HFILL }},
1208     { &hf_x509af_baseCertificateID,
1209       { "baseCertificateID", "x509af.baseCertificateID",
1210         FT_NONE, BASE_NONE, NULL, 0,
1211         "", HFILL }},
1212     { &hf_x509af_infoSubjectName,
1213       { "subjectName", "x509af.subjectName",
1214         FT_UINT32, BASE_DEC, NULL, 0,
1215         "AttributeCertificateInfo/subject/subjectName", HFILL }},
1216     { &hf_x509af_issuerName,
1217       { "issuer", "x509af.issuer",
1218         FT_UINT32, BASE_DEC, NULL, 0,
1219         "", HFILL }},
1220     { &hf_x509af_attCertValidityPeriod,
1221       { "attCertValidityPeriod", "x509af.attCertValidityPeriod",
1222         FT_NONE, BASE_NONE, NULL, 0,
1223         "AttributeCertificateInfo/attCertValidityPeriod", HFILL }},
1224     { &hf_x509af_attributes,
1225       { "attributes", "x509af.attributes",
1226         FT_NONE, BASE_NONE, NULL, 0,
1227         "AttributeCertificateInfo/attributes", HFILL }},
1228     { &hf_x509af_attributes_item,
1229       { "Item", "x509af.attributes_item",
1230         FT_NONE, BASE_NONE, NULL, 0,
1231         "AttributeCertificateInfo/attributes/_item", HFILL }},
1232     { &hf_x509af_issuerUniqueID,
1233       { "issuerUniqueID", "x509af.issuerUniqueID",
1234         FT_BYTES, BASE_HEX, NULL, 0,
1235         "AttributeCertificateInfo/issuerUniqueID", HFILL }},
1236     { &hf_x509af_serial,
1237       { "serial", "x509af.serial",
1238         FT_INT32, BASE_DEC, NULL, 0,
1239         "IssuerSerial/serial", HFILL }},
1240     { &hf_x509af_issuerUID,
1241       { "issuerUID", "x509af.issuerUID",
1242         FT_BYTES, BASE_HEX, NULL, 0,
1243         "IssuerSerial/issuerUID", HFILL }},
1244     { &hf_x509af_notBeforeTime,
1245       { "notBeforeTime", "x509af.notBeforeTime",
1246         FT_STRING, BASE_NONE, NULL, 0,
1247         "AttCertValidityPeriod/notBeforeTime", HFILL }},
1248     { &hf_x509af_notAfterTime,
1249       { "notAfterTime", "x509af.notAfterTime",
1250         FT_STRING, BASE_NONE, NULL, 0,
1251         "AttCertValidityPeriod/notAfterTime", HFILL }},
1252     { &hf_x509af_assertion_subject,
1253       { "subject", "x509af.subject",
1254         FT_UINT32, BASE_DEC, VALS(AssertionSubject_vals), 0,
1255         "AttributeCertificateAssertion/subject", HFILL }},
1256     { &hf_x509af_assertionSubjectName,
1257       { "subjectName", "x509af.subjectName",
1258         FT_UINT32, BASE_DEC, VALS(Name_vals), 0,
1259         "AttributeCertificateAssertion/subject/subjectName", HFILL }},
1260     { &hf_x509af_assertionIssuer,
1261       { "issuer", "x509af.issuer",
1262         FT_UINT32, BASE_DEC, VALS(Name_vals), 0,
1263         "AttributeCertificateAssertion/issuer", HFILL }},
1264     { &hf_x509af_attCertValidity,
1265       { "attCertValidity", "x509af.attCertValidity",
1266         FT_STRING, BASE_NONE, NULL, 0,
1267         "AttributeCertificateAssertion/attCertValidity", HFILL }},
1268     { &hf_x509af_attType,
1269       { "attType", "x509af.attType",
1270         FT_NONE, BASE_NONE, NULL, 0,
1271         "AttributeCertificateAssertion/attType", HFILL }},
1272     { &hf_x509af_attType_item,
1273       { "Item", "x509af.attType_item",
1274         FT_STRING, BASE_NONE, NULL, 0,
1275         "AttributeCertificateAssertion/attType/_item", HFILL }},
1276
1277 /*--- End of included file: packet-x509af-hfarr.c ---*/
1278
1279   };
1280
1281   /* List of subtrees */
1282   static gint *ett[] = {
1283     &ett_pkix_crl,
1284
1285 /*--- Included file: packet-x509af-ettarr.c ---*/
1286
1287     &ett_x509af_Certificate,
1288     &ett_x509af_T_signedCertificate,
1289     &ett_x509af_AlgorithmIdentifier,
1290     &ett_x509af_Validity,
1291     &ett_x509af_SubjectPublicKeyInfo,
1292     &ett_x509af_Time,
1293     &ett_x509af_Extensions,
1294     &ett_x509af_Extension,
1295     &ett_x509af_Certificates,
1296     &ett_x509af_ForwardCertificationPath,
1297     &ett_x509af_CrossCertificates,
1298     &ett_x509af_CertificationPath,
1299     &ett_x509af_SEQUNCE_OF_CertificatePair,
1300     &ett_x509af_CertificatePair,
1301     &ett_x509af_CertificateList,
1302     &ett_x509af_T_signedCertificateList,
1303     &ett_x509af_T_revokedCertificates,
1304     &ett_x509af_T_revokedCertificates_item,
1305     &ett_x509af_AttributeCertificationPath,
1306     &ett_x509af_SEQUNCE_OF_ACPathData,
1307     &ett_x509af_ACPathData,
1308     &ett_x509af_AttributeCertificate,
1309     &ett_x509af_AttributeCertificateInfo,
1310     &ett_x509af_InfoSubject,
1311     &ett_x509af_SEQUNCE_OF_Attribute,
1312     &ett_x509af_IssuerSerial,
1313     &ett_x509af_AttCertValidityPeriod,
1314     &ett_x509af_AttributeCertificateAssertion,
1315     &ett_x509af_AssertionSubject,
1316     &ett_x509af_SET_OF_AttributeType,
1317
1318 /*--- End of included file: packet-x509af-ettarr.c ---*/
1319
1320   };
1321
1322   /* Register protocol */
1323   proto_x509af = proto_register_protocol(PNAME, PSNAME, PFNAME);
1324
1325   /* Register fields and subtrees */
1326   proto_register_field_array(proto_x509af, hf, array_length(hf));
1327   proto_register_subtree_array(ett, array_length(ett));
1328
1329 }
1330
1331
1332 /*--- proto_reg_handoff_x509af -------------------------------------------*/
1333 void proto_reg_handoff_x509af(void) {
1334         dissector_handle_t pkix_crl_handle;
1335
1336         pkix_crl_handle = new_create_dissector_handle(dissect_pkix_crl, proto_x509af);
1337         dissector_add_string("media_type", "application/pkix-crl", pkix_crl_handle);
1338
1339
1340 /*--- Included file: packet-x509af-dis-tab.c ---*/
1341
1342  register_ber_oid_dissector("2.5.4.36", dissect_Certificate_PDU, proto_x509af, "id-at-userCertificate");
1343  register_ber_oid_dissector("2.5.4.37", dissect_Certificate_PDU, proto_x509af, "id-at-cAcertificate");
1344  register_ber_oid_dissector("2.5.4.38", dissect_CertificateList_PDU, proto_x509af, "id-at-authorityRevocationList");
1345  register_ber_oid_dissector("2.5.4.39", dissect_CertificateList_PDU, proto_x509af, "id-at-certificateRevocationList");
1346  register_ber_oid_dissector("2.5.4.40", dissect_CertificatePair_PDU, proto_x509af, "id-at-crossCertificatePair");
1347  register_ber_oid_dissector("2.5.4.58", dissect_AttributeCertificate_PDU, proto_x509af, "id-at-attributeCertificate");
1348  register_ber_oid_dissector("2.5.4.59", dissect_CertificateList_PDU, proto_x509af, "id-at-attributeCertificateRevocationList");
1349
1350
1351 /*--- End of included file: packet-x509af-dis-tab.c ---*/
1352
1353
1354         /*XXX these should really go to a better place but since that
1355           I have not that ITU standard, ill put it here for the time
1356           being.
1357           Only implemented those algorithms that take no parameters
1358           for the time being,   ronnie
1359         */
1360         /* from http://www.alvestrand.no/objectid/1.3.14.3.2.html */
1361         register_ber_oid_dissector("1.3.14.3.2.2", dissect_ber_oid_NULL_callback, proto_x509af, "md4WithRSA");
1362         register_ber_oid_dissector("1.3.14.3.2.3", dissect_ber_oid_NULL_callback, proto_x509af, "md5WithRSA");
1363         register_ber_oid_dissector("1.3.14.3.2.4", dissect_ber_oid_NULL_callback, proto_x509af, "md4WithRSAEncryption");
1364         register_ber_oid_dissector("1.3.14.3.2.6", dissect_ber_oid_NULL_callback, proto_x509af, "desECB");
1365         register_ber_oid_dissector("1.3.14.3.2.11", dissect_ber_oid_NULL_callback, proto_x509af, "rsaSignature");
1366         register_ber_oid_dissector("1.3.14.3.2.14", dissect_ber_oid_NULL_callback, proto_x509af, "mdc2WithRSASignature");
1367         register_ber_oid_dissector("1.3.14.3.2.15", dissect_ber_oid_NULL_callback, proto_x509af, "shaWithRSASignature");
1368         register_ber_oid_dissector("1.3.14.3.2.16", dissect_ber_oid_NULL_callback, proto_x509af, "dhWithCommonModulus");
1369         register_ber_oid_dissector("1.3.14.3.2.17", dissect_ber_oid_NULL_callback, proto_x509af, "desEDE");
1370         register_ber_oid_dissector("1.3.14.3.2.18", dissect_ber_oid_NULL_callback, proto_x509af, "sha");
1371         register_ber_oid_dissector("1.3.14.3.2.19", dissect_ber_oid_NULL_callback, proto_x509af, "mdc-2");
1372         register_ber_oid_dissector("1.3.14.3.2.20", dissect_ber_oid_NULL_callback, proto_x509af, "dsaCommon");
1373         register_ber_oid_dissector("1.3.14.3.2.21", dissect_ber_oid_NULL_callback, proto_x509af, "dsaCommonWithSHA");
1374         register_ber_oid_dissector("1.3.14.3.2.22", dissect_ber_oid_NULL_callback, proto_x509af, "rsaKeyTransport");
1375         register_ber_oid_dissector("1.3.14.3.2.23", dissect_ber_oid_NULL_callback, proto_x509af, "keyed-hash-seal");
1376         register_ber_oid_dissector("1.3.14.3.2.24", dissect_ber_oid_NULL_callback, proto_x509af, "md2WithRSASignature");
1377         register_ber_oid_dissector("1.3.14.3.2.25", dissect_ber_oid_NULL_callback, proto_x509af, "md5WithRSASignature");
1378         register_ber_oid_dissector("1.3.14.3.2.26", dissect_ber_oid_NULL_callback, proto_x509af, "SHA-1");
1379 }
1380