New protocol dissector for PKCS#12 - Personal Information Exchange Syntax.

Generally found within a file (.p12 or .pfx) or as a directory attribute (userPKCS12 from iNetOrgPerson).

Wiki page and sample file to follow.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@20416 f5534014-38df-0310-8fa8-9805f1628bb7

diff --git a/asn1/cms/cms-exp.cnf b/asn1/cms/cms-exp.cnf
index 5d7aa8672b8b2d3b046aec7fdd29c26947c8fd5d..0eb30a20a96038dc8f6eaabd32b588a10470578a 100644 (file)
--- a/asn1/cms/cms-exp.cnf
+++ b/asn1/cms/cms-exp.cnf
@@ -20,6 +20,8 @@ SignedAttributes         BER_CLASS_UNI BER_UNI_TAG_SET
 UnsignedAttributes       BER_CLASS_UNI BER_UNI_TAG_SET
 SignatureValue           BER_CLASS_UNI BER_UNI_TAG_OCTETSTRING
 EnvelopedData            BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
+Digest                   BER_CLASS_UNI BER_UNI_TAG_OCTETSTRING
+DigestAlgorithmIdentifier BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
 IssuerAndSerialNumber    BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
 Countersignature         BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
 #.END
@@ -37,6 +39,8 @@ SignedAttributes         TYPE = FT_UINT32  DISPLAY = BASE_DEC   STRINGS = NULL
 UnsignedAttributes       TYPE = FT_UINT32  DISPLAY = BASE_DEC   STRINGS = NULL  BITMASK = 0
 SignatureValue           TYPE = FT_BYTES   DISPLAY = BASE_HEX   STRINGS = NULL  BITMASK = 0
 EnvelopedData            TYPE = FT_NONE    DISPLAY = BASE_NONE  STRINGS = NULL  BITMASK = 0
+Digest                   TYPE = FT_BYTES   DISPLAY = BASE_HEX   STRINGS = NULL  BITMASK = 0
+DigestAlgorithmIdentifier TYPE = FT_NONE    DISPLAY = BASE_NONE  STRINGS = NULL  BITMASK = 0
 IssuerAndSerialNumber    TYPE = FT_NONE    DISPLAY = BASE_NONE  STRINGS = NULL  BITMASK = 0
 Countersignature         TYPE = FT_NONE    DISPLAY = BASE_NONE  STRINGS = NULL  BITMASK = 0
 #.END

diff --git a/asn1/cms/cms.cnf b/asn1/cms/cms.cnf
index 04d2d72217903d6ba27b4c72c1fe6f583110ffaa..853c5e0bf0c852bb8645d08bc4410f9c35a9aec2 100644 (file)
--- a/asn1/cms/cms.cnf
+++ b/asn1/cms/cms.cnf
@@ -10,6 +10,8 @@
 ContentInfo
 ContentType
 Countersignature
+Digest
+DigestAlgorithmIdentifier
 DigestAlgorithmIdentifiers
 EncapsulatedContentInfo
 EnvelopedData
@@ -24,6 +26,7 @@ UnsignedAttributes
 
 #.REGISTER
 ContentInfo       B "1.2.840.113549.1.9.16.1.6" "id-ct-contentInfo"
+#OctetString   B "1.2.840.113549.1.7.1"      "id-data"                  see x509sat.cnf
 SignedData        B "1.2.840.113549.1.7.2"      "id-signedData"
 EnvelopedData     B "1.2.840.113549.1.7.3"      "id-envelopedData"
 DigestedData      B "1.2.840.113549.1.7.5"      "id-digestedData"
@@ -52,16 +55,22 @@ EncryptedContentInfo/contentType    encryptedContentType
   content_tvb = NULL;
   top_tree = NULL;
 
-#.FN_BODY ContentInfo/contentType
-  offset = dissect_ber_object_identifier_str(FALSE, pinfo, tree, tvb, offset,
-                                         hf_cms_ci_contentType, &object_identifier_id);
+#.FN_PARS ContentType
+       FN_VARIANT = _str VAL_PTR = &object_identifier_id
+
+#.FN_BODY ContentType
+       const char *name = NULL;
+
+       %(DEFAULT_BODY)s
+
+       if(object_identifier_id) {  
+               name = get_oid_str_name(object_identifier_id);
+               proto_item_append_text(tree, " (%%s)", name ? name : object_identifier_id); 
+       }
 
 #.FN_BODY ContentInfo/content
   offset=call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree);
 
-#.FN_BODY EncapsulatedContentInfo/eContentType
-  offset = dissect_ber_object_identifier_str(FALSE, pinfo, tree, tvb, offset,
-                                         hf_cms_ci_contentType, &object_identifier_id);
 
 #.FN_BODY EncapsulatedContentInfo/eContent
   gint8 class;
@@ -78,6 +87,7 @@ EncryptedContentInfo/contentType      encryptedContentType
   content_offset = pdu_offset = get_ber_length(tree, tvb, pdu_offset, &len, &ind);
   pdu_offset = call_ber_oid_callback(object_identifier_id, tvb, pdu_offset, pinfo, top_tree ? top_tree : tree);
   
+  /* save the content for checking the message digest */       
   content_tvb = tvb_new_subset(tvb, content_offset, len, -1);
 
 #.FN_PARS OtherKeyAttribute/keyAttrId

diff --git a/asn1/cms/packet-cms-template.c b/asn1/cms/packet-cms-template.c
index 678959149d00332d206afec8cc3f03831aa70ceb..6ceb9da0725e4ddeca07c47cee5e75c65eeb4de4 100644 (file)
--- a/asn1/cms/packet-cms-template.c
+++ b/asn1/cms/packet-cms-template.c
@@ -162,5 +162,8 @@ void proto_register_cms(void) {
 /*--- proto_reg_handoff_cms -------------------------------------------*/
 void proto_reg_handoff_cms(void) {
 #include "packet-cms-dis-tab.c"
+
+  add_oid_str_name("1.2.840.113549.1.7.1", "id-data");
+
 }
 

diff --git a/asn1/pkcs12/Makefile b/asn1/pkcs12/Makefile
new file mode 100644 (file)
index 0000000..11f1a0e
--- /dev/null
+++ b/asn1/pkcs12/Makefile
@@ -0,0 +1,16 @@
+# $Id$
+
+DISSECTOR_FILES=packet-pkcs12.c packet-pkcs12.h
+
+all: generate_dissector
+
+generate_dissector: $(DISSECTOR_FILES)
+
+$(DISSECTOR_FILES): ../../tools/asn2wrs.py pkcs12.asn packet-pkcs12-template.c packet-pkcs12-template.h pkcs12.cnf ../cms/cms-exp.cnf ../x509af/x509af-exp.cnf ../x509if/x509if-exp.cnf
+       python ../../tools/asn2wrs.py -b -e -p pkcs12 -c pkcs12.cnf -s packet-pkcs12-template pkcs12.asn
+
+clean:
+       rm -f parsetab.py $(DISSECTOR_FILES) *~
+
+copy_files: generate_dissector
+       cp $(DISSECTOR_FILES) ../../epan/dissectors

diff --git a/asn1/pkcs12/Makefile.nmake b/asn1/pkcs12/Makefile.nmake
new file mode 100644 (file)
index 0000000..8669262
--- /dev/null
+++ b/asn1/pkcs12/Makefile.nmake
@@ -0,0 +1,46 @@
+## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake
+#
+# $Id$
+
+include ../../config.nmake
+
+UNIX2DOS=$(PERL) ../../tools/unix2dos.pl
+
+PROTOCOL_NAME=pkcs12
+DISSECTOR_FILES=packet-$(PROTOCOL_NAME).c packet-$(PROTOCOL_NAME).h
+
+all: generate_dissector
+
+generate_dissector: $(DISSECTOR_FILES)
+
+$(DISSECTOR_FILES): ../../tools/asn2wrs.py pkcs12.asn packet-pkcs12-template.c packet-pkcs12-template.h pkcs12.cnf ../cms/cms-exp.cnf ../x509af/x509af-exp.cnf ../x509if/x509if-exp.cnf
+!IFDEF PYTHON
+       $(PYTHON) ../../tools/asn2wrs.py -b -e -p $(PROTOCOL_NAME) -c pkcs12.cnf -s packet-pkcs12-template pkcs12.asn
+!ELSE
+       @echo Error: You need Python to use asn2wrs.py
+       @exit 1
+!ENDIF
+
+clean:
+       rm -f parsetab.py parsetab.pyc $(DISSECTOR_FILES)
+
+distclean: clean
+
+maintainer-clean: distclean
+
+# Fix EOL in generated dissectors. Cygwin's python generates files with 
+# mixed EOL styles, which can't be commited to the SVN repository.
+# Stuff included from template and "cnf" files has "\r\n" on windows, while 
+# the generated stuff has "\n".
+
+fix_eol: generate_dissector
+       move packet-$(PROTOCOL_NAME).c packet-$(PROTOCOL_NAME).c.tmp
+       move packet-$(PROTOCOL_NAME).h packet-$(PROTOCOL_NAME).h.tmp
+       $(UNIX2DOS) < packet-$(PROTOCOL_NAME).c.tmp > packet-$(PROTOCOL_NAME).c
+       $(UNIX2DOS) < packet-$(PROTOCOL_NAME).h.tmp > packet-$(PROTOCOL_NAME).h
+       del /f packet-$(PROTOCOL_NAME).c.tmp packet-$(PROTOCOL_NAME).h.tmp
+
+copy_files: generate_dissector fix_eol
+       xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d /y
+       xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d /y
+

diff --git a/asn1/pkcs12/packet-pkcs12-template.c b/asn1/pkcs12/packet-pkcs12-template.c
new file mode 100644 (file)
index 0000000..0499703
--- /dev/null
+++ b/asn1/pkcs12/packet-pkcs12-template.c
@@ -0,0 +1,159 @@
+/* packet-pkcs12.c
+ * Routines for PKCS#12: Personal Information Exchange packet dissection
+ * Graeme Lunt 2006
+ *
+ * $Id$
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <glib.h>
+#include <epan/packet.h>
+#include <epan/conversation.h>
+#include <epan/oid_resolv.h>
+
+#include <stdio.h>
+#include <string.h>
+
+#include "packet-ber.h"
+#include "packet-pkcs12.h"
+#include "packet-x509af.h"
+#include "packet-x509if.h"
+#include "packet-cms.h"
+
+#define PNAME  "PKCS#12: Personal Information Exchange"
+#define PSNAME "PKCS12"
+#define PFNAME "pkcs12"
+
+/* Initialize the protocol and registered fields */
+int proto_pkcs12 = -1;
+
+static const char *object_identifier_id = NULL; 
+static const gchar *pref_password = NULL;
+
+
+static void dissect_AuthenticatedSafe_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);
+static void dissect_SafeContents_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);
+
+#include "packet-pkcs12-hf.c"
+
+/* Initialize the subtree pointers */
+#include "packet-pkcs12-ett.c"
+
+#include "packet-pkcs12-fn.c"
+
+static int strip_octet_string(tvbuff_t *tvb, proto_tree *tree) 
+{
+  gint8 class;
+  gboolean pc, ind;
+  gint32 tag;
+  guint32 len;
+  int offset = 0;
+
+  /* PKCS#7 encodes the content as OCTET STRING, whereas CMS is just any ANY */
+  /* if we use CMS (rather than PKCS#7) - which we are - we need to strip the OCTET STRING tag */
+  /* before proceeding */
+
+  offset = get_ber_identifier(tvb, 0, &class, &pc, &tag);
+  offset = get_ber_length(NULL, tvb, offset, &len, &ind);
+
+  if((class == BER_CLASS_UNI) && (tag == BER_UNI_TAG_OCTETSTRING))
+    return offset;
+
+  proto_tree_add_text(tree, tvb, 0, 1, "BER Error: OCTET STRING expected");
+
+  return 0;
+
+}
+
+static void dissect_AuthenticatedSafe_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  int offset = 0;
+
+  if((offset = strip_octet_string(tvb, tree)) > 0)
+    dissect_pkcs12_AuthenticatedSafe(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_AuthenticatedSafe_PDU);
+}
+
+static void dissect_SafeContents_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) 
+{
+  int offset = 0;
+
+  if((offset = strip_octet_string(tvb, tree)) > 0)
+    dissect_pkcs12_SafeContents(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_SafeContents_PDU);
+}
+
+#if 0 
+static int decrypt_data(tvbuff_t *encrypted_data, 
+                       /* enc_params */
+                       gnu_tls_ciper_algorithm cipher,
+                       int iter_count,
+                       /* kdf_params */
+                       gnutls_datum_t *salt, size_t salt_size,
+                       gnutls_datum_t *iv, size_t iv_size,
+                       size_t key_size, 
+                       tvb_buff_t **decrypted_data)
+{
+
+
+  
+
+  if(key_size == 0) 
+    key_size = gnutls_cipher_get_key_size(cipher);
+
+
+}
+                       
+# endif /* 0 */
+
+/*--- proto_register_pkcs12 ----------------------------------------------*/
+void proto_register_pkcs12(void) {
+
+  /* List of fields */
+  static hf_register_info hf[] = {
+
+#include "packet-pkcs12-hfarr.c"
+  };
+
+  /* List of subtrees */
+  static gint *ett[] = {
+#include "packet-pkcs12-ettarr.c"
+  };
+
+  /* Register protocol */
+  proto_pkcs12 = proto_register_protocol(PNAME, PSNAME, PFNAME);
+
+  /* Register fields and subtrees */
+  proto_register_field_array(proto_pkcs12, hf, array_length(hf));
+  proto_register_subtree_array(ett, array_length(ett));
+
+  register_ber_syntax_dissector("PKCS#12", proto_pkcs12, dissect_PFX_PDU); 
+  register_ber_oid_syntax(".p12", NULL, "PKCS#12");
+  register_ber_oid_syntax(".pfx", NULL, "PKCS#12");
+}
+
+
+/*--- proto_reg_handoff_pkcs12 -------------------------------------------*/
+void proto_reg_handoff_pkcs12(void) {
+#include "packet-pkcs12-dis-tab.c"
+
+}
+

diff --git a/asn1/pkcs12/packet-pkcs12-template.h b/asn1/pkcs12/packet-pkcs12-template.h
new file mode 100644 (file)
index 0000000..ec83dd7
--- /dev/null
+++ b/asn1/pkcs12/packet-pkcs12-template.h
@@ -0,0 +1,30 @@
+/* packet-pkcs12.h
+ * Routines for PKCS#12 Personal Information Exchange packet dissection
+ * Graeme Lunt 2006
+ *
+ * $Id$
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#ifndef PACKET_PKCS12_H
+#define PACKET_PKCS12_H
+
+#endif  /* PACKET_PKCS12_H */
+

diff --git a/asn1/pkcs12/pkcs12.asn b/asn1/pkcs12/pkcs12.asn
new file mode 100644 (file)
index 0000000..70c35d6
--- /dev/null
+++ b/asn1/pkcs12/pkcs12.asn
@@ -0,0 +1,277 @@
+PKCS-12 {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
+                 pkcs-12(12) modules(0)  pkcs-12(1)}
+
+-- $Revision$
+
+DEFINITIONS IMPLICIT TAGS ::=
+
+BEGIN
+
+-- EXPORTS ALL
+-- All types and values defined in this module is exported for use in
+-- other ASN.1 modules. 
+
+IMPORTS
+
+--informationFramework
+--        FROM UsefulDefinitions {joint-iso-itu-t(2) ds(5) module(1)
+--        usefulDefinitions(0) 3}
+
+Attribute
+       FROM InformationFramework informationFramework
+
+ContentInfo, --DigestInfo-- Digest, DigestAlgorithmIdentifier
+       FROM PKCS-7 {iso(1) member-body(2) us(840) rsadsi(113549)
+       pkcs(1) pkcs-7(7) modules(0) pkcs-7(1)}
+
+--PrivateKeyInfo, EncryptedPrivateKeyInfo
+--     FROM PKCS-8 {iso(1) member-body(2) us(840) rsadsi(113549)
+--     pkcs(1) pkcs-8(8) modules(1) pkcs-8(1)}
+--
+--pkcs-9, friendlyName, localKeyId, certTypes, crlTypes
+--     FROM PKCS-9 {iso(1) member-body(2) us(840) rsadsi(113549)
+--     pkcs(1) pkcs-9(9) modules(0) pkcs-9(1) };--
+
+-- A PKCS#8 IMPORT from below
+AlgorithmIdentifier, ALGORITHM-IDENTIFIER
+        FROM PKCS-5 {iso(1) member-body(2) us(840) rsadsi(113549)
+        pkcs(1) pkcs-5(5) modules(16) pkcs-5(1)};
+
+
+-- Object identifiers
+
+--rsadsi       OBJECT IDENTIFIER ::= {iso(1) member-body(2) us(840) rsadsi(113549)}
+--pkcs    OBJECT IDENTIFIER ::= {rsadsi pkcs(1)}
+--pkcs-12      OBJECT IDENTIFIER ::= {pkcs 12}
+--pkcs-12PbeIds                        OBJECT IDENTIFIER ::= {pkcs-12 1}
+--pbeWithSHAAnd128BitRC4          OBJECT IDENTIFIER ::= {pkcs-12PbeIds 1}
+--pbeWithSHAAnd40BitRC4           OBJECT IDENTIFIER ::= {pkcs-12PbeIds 2}
+--pbeWithSHAAnd3-KeyTripleDES-CBC      OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3}
+--pbeWithSHAAnd2-KeyTripleDES-CBC      OBJECT IDENTIFIER ::= {pkcs-12PbeIds 4}
+--pbeWithSHAAnd128BitRC2-CBC      OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5}
+--pbewithSHAAnd40BitRC2-CBC       OBJECT IDENTIFIER ::= {pkcs-12PbeIds 6}
+
+--bagtypes                     OBJECT IDENTIFIER ::= {pkcs-12 10 1}
+
+-- The PFX PDU
+
+PFX ::= SEQUENCE {
+       version         INTEGER {v3(3)}(v3,...),
+       authSafe        ContentInfo,
+       macData         MacData OPTIONAL
+}
+
+MacData ::= SEQUENCE {
+       mac             DigestInfo,
+       macSalt         OCTET STRING,
+       iterations      INTEGER DEFAULT 1
+-- Note: The default is for historical reasons and its use is
+-- deprecated. A higher value, like 1024 is recommended.
+}
+
+-- Imported from PKCS#7
+DigestInfo ::= SEQUENCE {
+        digestAlgorithm DigestAlgorithmIdentifier,
+        digest         Digest
+}
+
+AuthenticatedSafe ::= SEQUENCE OF ContentInfo
+       -- Data if unencrypted
+       -- EncryptedData if password-encrypted
+       -- EnvelopedData if public key-encrypted
+
+SafeContents ::= SEQUENCE OF SafeBag
+
+SafeBag ::= SEQUENCE {
+       bagId           -- BAG-TYPE.&id ({PKCS12BagSet}) -- OBJECT IDENTIFIER,
+       bagValue        [0] EXPLICIT --BAG-TYPE.&Type({PKCS12BagSet}{@bagId}) -- ANY,
+       bagAttributes   SET OF PKCS12Attribute OPTIONAL
+}
+
+-- Bag types
+
+--keyBag         BAG-TYPE ::= 
+--     {KeyBag IDENTIFIED BY {bagtypes 1}}
+--pkcs8ShroudedKeyBag BAG-TYPE ::=
+--     {PKCS8ShroudedKeyBag IDENTIFIED BY {bagtypes 2}}
+--certBag BAG-TYPE ::= 
+--     {CertBag IDENTIFIED BY {bagtypes 3}}
+--crlBag BAG-TYPE ::=
+--     {CRLBag IDENTIFIED BY {bagtypes 4}}
+--secretBag BAG-TYPE ::=    
+--     {SecretBag IDENTIFIED BY {bagtypes 5}}
+--safeContentsBag BAG-TYPE ::=
+--     {SafeContents IDENTIFIED BY {bagtypes 6}}
+
+--PKCS12BagSet BAG-TYPE ::= {
+--     keyBag | 
+--     pkcs8ShroudedKeyBag |
+--     certBag |
+--     crlBag | 
+--     secretBag | 
+--     safeContentsBag,
+--     ... - - For future extensions
+--}
+
+--BAG-TYPE ::= TYPE-IDENTIFIER
+
+-- KeyBag
+
+KeyBag ::= PrivateKeyInfo
+
+-- Shrouded KeyBag
+
+PKCS8ShroudedKeyBag ::= EncryptedPrivateKeyInfo
+
+-- CertBag
+
+CertBag ::= SEQUENCE {
+       certId    --BAG-TYPE.&id   ({CertTypes}) -- OBJECT IDENTIFIER,
+       certValue [0] EXPLICIT --BAG-TYPE.&Type ({CertTypes}{@certId})-- ANY
+}
+
+--x509Certificate BAG-TYPE ::=
+--     {OCTET STRING IDENTIFIED BY {certTypes 1}}
+       -- DER-encoded X.509 certificate stored in OCTET STRING
+--sdsiCertificate BAG-TYPE ::=
+--     {IA5String IDENTIFIED BY {certTypes 2}}
+       -- Base64-encoded SDSI certificate stored in IA5String
+
+--CertTypes BAG-TYPE ::= {
+--     x509Certificate |
+--     sdsiCertificate,
+--     ... - - For future extensions
+--}
+
+-- CRLBag
+
+CRLBag ::= SEQUENCE {
+       crlId           --BAG-TYPE.&id ({CRLTypes})-- OBJECT IDENTIFIER,
+       crlValue        [0] EXPLICIT --BAG-TYPE.&Type ({CRLTypes}{@crlId})-- ANY
+}
+
+--x509CRL BAG-TYPE ::=
+--     {OCTET STRING IDENTIFIED BY {crlTypes 1}}
+       -- DER-encoded X.509 CRL stored in OCTET STRING
+
+--CRLTypes BAG-TYPE ::= {
+--     x509CRL,
+--     ... - - For future extensions
+--}
+
+-- Secret Bag
+
+SecretBag ::= SEQUENCE {
+       secretTypeId --BAG-TYPE.&id ({SecretTypes})-- OBJECT IDENTIFIER,
+       secretValue  [0] EXPLICIT --BAG-TYPE.&Type ({SecretTypes}{@secretTypeId})-- ANY
+}
+
+--SecretTypes BAG-TYPE ::= {
+--     ... - - For future extensions
+--}
+
+-- Attributes
+
+PKCS12Attribute ::= SEQUENCE {
+       attrId          --ATTRIBUTE.&id ({PKCS12AttrSet})-- OBJECT IDENTIFIER,
+       attrValues      SET OF --ATTRIBUTE.&Type ({PKCS12AttrSet}{@attrId})-- ANY
+} -- This type is compatible with the X.500 type 'Attribute'
+
+--PKCS12AttrSet ATTRIBUTE ::= {
+--     friendlyName |
+--     localKeyId,
+--     ... - - Other attributes are allowed
+--}
+
+--END
+
+-- We import PKCS#8 here directly rather than creating another dissector
+
+--PKCS-8 {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-8(8)
+--        modules(1) pkcs-8(1)} 
+
+-- $Revision: 1.5 $
+
+-- This module has been checked for conformance with the ASN.1
+-- standard by the OSS ASN.1 Tools
+
+--DEFINITIONS IMPLICIT TAGS ::= 
+
+--BEGIN
+
+-- EXPORTS All --
+-- All types and values defined in this module is exported for use in other
+-- ASN.1 modules.
+
+--IMPORTS
+
+--informationFramework
+--        FROM UsefulDefinitions {joint-iso-itu-t(2) ds(5) module(1)
+--                                usefulDefinitions(0) 3} 
+
+--Attribute
+--        FROM InformationFramework informationFramework
+
+--AlgorithmIdentifier, ALGORITHM-IDENTIFIER
+--        FROM PKCS-5 {iso(1) member-body(2) us(840) rsadsi(113549)
+--        pkcs(1) pkcs-5(5) modules(16) pkcs-5(1)};
+
+-- Private-key information syntax
+
+PrivateKeyInfo ::= SEQUENCE {
+  version Version,
+  privateKeyAlgorithm AlgorithmIdentifier --{{PrivateKeyAlgorithms}}--,
+  privateKey PrivateKey,
+  attributes [0] Attributes OPTIONAL }
+
+Version ::= INTEGER {v1(0)} (v1,...)
+
+PrivateKey ::= OCTET STRING
+
+Attributes ::= SET OF Attribute
+
+-- Encrypted private-key information syntax
+
+EncryptedPrivateKeyInfo ::= SEQUENCE {
+    encryptionAlgorithm AlgorithmIdentifier --{{KeyEncryptionAlgorithms}}--,
+    encryptedData EncryptedData 
+}
+
+EncryptedData ::= OCTET STRING
+
+--PrivateKeyAlgorithms ALGORITHM-IDENTIFIER ::= {
+--    ... - - For local profiles
+--}
+
+--KeyEncryptionAlgorithms ALGORITHM-IDENTIFIER ::= {
+--    ... - - For local profiles
+--}
+
+-- From RFC 2898
+PBEParameter ::= SEQUENCE {
+    salt               OCTET STRING,
+    iterationCount     INTEGER
+}
+
+
+PBKDF2Params ::= SEQUENCE {
+    salt CHOICE {
+        specified OCTET STRING,
+       otherSource AlgorithmIdentifier --{{PBKDF2-SaltSources}}--
+       },
+    iterationCount INTEGER --(1..MAX)--,
+    keyLength INTEGER (1..MAX) OPTIONAL,
+    prf AlgorithmIdentifier --{{PBKDF2-PRFs}} DEFAULT algid-hmacWithSHA1-- OPTIONAL }
+
+PBES2Params ::= SEQUENCE {
+    keyDerivationFunc AlgorithmIdentifier --{{PBES2-KDFs}}--,
+    encryptionScheme AlgorithmIdentifier --{{PBES2-Encs}}-- }
+
+PBMAC1Params ::=  SEQUENCE {
+    keyDerivationFunc AlgorithmIdentifier --{{PBMAC1-KDFs}}--,
+    messageAuthScheme AlgorithmIdentifier --{{PBMAC1-MACs}}-- }
+
+
+END
+
+

diff --git a/asn1/pkcs12/pkcs12.cnf b/asn1/pkcs12/pkcs12.cnf
new file mode 100644 (file)
index 0000000..4a86238
--- /dev/null
+++ b/asn1/pkcs12/pkcs12.cnf
@@ -0,0 +1,117 @@
+# pkcs12.cnf
+# PKCS12 conformation file
+
+# $Id$
+
+#.MODULE_IMPORT
+PKCS-7 cms
+PKCS-5 x509af
+
+#.INCLUDE ../cms/cms-exp.cnf
+#.INCLUDE ../x509if/x509if-exp.cnf
+#.INCLUDE ../x509af/x509af-exp.cnf
+
+#.EXPORTS
+
+
+#.REGISTER
+KeyBag                 B "1.2.840.113549.1.12.10.1.1"  "keyBag"
+PKCS8ShroudedKeyBag    B "1.2.840.113549.1.12.10.1.2"  "pkcs8ShroudedKeyBag"
+CertBag                        B "1.2.840.113549.1.12.10.1.3"  "certBag"
+SecretBag              B "1.2.840.113549.1.12.10.1.4"  "secretBag"
+CRLBag                 B "1.2.840.113549.1.12.10.1.5"  "crlBag"
+SafeContents           B "1.2.840.113549.1.12.10.1.6"  "safeContentsBag"
+
+# PKCS#9 Attributes - see master list in x509sat.cnf
+PFX                    B "2.16.840.1.113730.3.1.216"   "pkcs-9-at-PKCS12"
+EncryptedPrivateKeyInfo        B "1.2.840.113549.1.9.25.2"     "pkcs-9-at-encryptedPrivateKeyInfo" 
+
+# Password Based Encryption
+PBEParameter           B "1.2.840.113549.1.12.1.1" "pbeWithSHAAnd128BitRC4"
+PBEParameter           B "1.2.840.113549.1.12.1.2" "pbeWithSHAAnd40BitRC4"
+PBEParameter           B "1.2.840.113549.1.12.1.3" "pbeWithSHAAnd3-KeyTripleDES-CBC"
+PBEParameter           B "1.2.840.113549.1.12.1.4" "pbeWithSHAAnd2-KeyTripleDES-CBC"
+PBEParameter           B "1.2.840.113549.1.12.1.5" "pbeWithSHAAnd128BitRC2-CBC"
+PBEParameter           B "1.2.840.113549.1.12.1.6" "pbeWithSHAAnd128BitRC2-CBC"
+
+PBEParameter           B "1.2.840.113549.1.5.1" "pbeWithMD2AndDES-CBC"
+PBEParameter           B "1.2.840.113549.1.5.3" "pbeWithMD5AndDES-CBC"
+PBEParameter           B "1.2.840.113549.1.5.4" "pbeWithMD2AndRC2-CBC"
+PBEParameter           B "1.2.840.113549.1.5.6" "pbeWithMD5AndRC2-CBC"
+PBEParameter           B "1.2.840.113549.1.5.10" "pbeWithSHA1AndDES-CBC"
+PBEParameter           B "1.2.840.113549.1.5.11" "pbeWithSHA1AndRC2-CBC"
+
+PBKDF2Params           B "1.2.840.113549.1.5.12" "id-PBKDF2"
+PBES2Params            B "1.2.840.113549.1.5.13" "id-PBES2"
+PBMAC1Params           B "1.2.840.113549.1.5.14" "id-PBMAC1"
+
+#.NO_EMIT
+
+#.TYPE_RENAME
+
+#.FIELD_RENAME
+PrivateKeyInfo/version         privateKeyVersion
+PBKDF2Params/salt              saltChoice
+
+#.PDU
+AuthenticatedSafe
+
+#.FN_BODY PFX
+       dissector_handle_t dissector_handle;
+
+       /* we change the CMS id-data dissector to dissect as AuthenticatedSafe
+          not sure why PKCS#12 couldn't have used its own content type OID for AuthenticatedSafe */
+       dissector_handle=create_dissector_handle(dissect_AuthenticatedSafe_OCTETSTRING_PDU, proto_pkcs12);
+       dissector_change_string("ber.oid", "1.2.840.113549.1.7.1", dissector_handle);
+
+       %(DEFAULT_BODY)s
+
+       /* restore the original dissector */
+       dissector_reset_string("ber.oid", "1.2.840.113549.1.7.1");
+
+#.FN_BODY AuthenticatedSafe
+       dissector_handle_t dissector_handle;
+
+       /* we change the CMS id-data dissector to dissect as SafeContents */
+       dissector_handle=create_dissector_handle(dissect_SafeContents_OCTETSTRING_PDU, proto_pkcs12);
+       dissector_change_string("ber.oid", "1.2.840.113549.1.7.1", dissector_handle);
+
+       %(DEFAULT_BODY)s
+
+       /* restore the original dissector */
+       dissector_reset_string("ber.oid", "1.2.840.113549.1.7.1");
+
+#.FN_PARS OBJECT_IDENTIFIER
+       FN_VARIANT = _str VAL_PTR = &object_identifier_id
+
+#.FN_BODY OBJECT_IDENTIFIER
+       const char *name = NULL;
+
+       %(DEFAULT_BODY)s
+  
+       name = get_oid_str_name(object_identifier_id);
+       proto_item_append_text(tree, " (%%s)", name ? name : object_identifier_id); 
+
+#.FN_BODY T_bagValue   
+       if(object_identifier_id)
+               offset = call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree);
+
+#.FN_BODY T_attrValues_item    
+       if(object_identifier_id)
+               offset = call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree);
+
+#.FN_BODY T_certValue
+       if(object_identifier_id)
+               offset = call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree);
+
+#.FN_BODY T_crlValue
+       if(object_identifier_id)
+               offset = call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree);
+
+#.FN_BODY T_secretValue
+       if(object_identifier_id)
+               offset = call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree);
+
+#.END
+
+

diff --git a/asn1/x509sat/x509sat-exp.cnf b/asn1/x509sat/x509sat-exp.cnf
index 9be756f64177fd4a73af591752ce63849aee1a15..6def1c478d524754254b99cb607f35d4ce5065af 100644 (file)
--- a/asn1/x509sat/x509sat-exp.cnf
+++ b/asn1/x509sat/x509sat-exp.cnf
@@ -1,6 +1,6 @@
 # Do not modify this file.
 # It is created automatically by the ASN.1 to Wireshark dissector compiler
-# .\x509sat-exp.cnf
+# ./x509sat-exp.cnf
 # ../../tools/asn2wrs.py -b -e -p x509sat -c x509sat.cnf -s packet-x509sat-template SelectedAttributeTypes.asn
 
 #.MODULE

diff --git a/asn1/x509sat/x509sat.cnf b/asn1/x509sat/x509sat.cnf
index 8424ff7ba82ec7310a7e76a7646e2880da020c40..d3a8b2c9ed70118aefd277bb6183c5c29493cd6f 100644 (file)
--- a/asn1/x509sat/x509sat.cnf
+++ b/asn1/x509sat/x509sat.cnf
@@ -233,6 +233,34 @@ DirectoryString B "2.16.840.1.101.2.2.1.143" "id-at-adminConversion"
 SyntaxPrintableString B "2.16.840.1.101.2.2.1.144" "id-at-tCCG"
 DirectoryString B "2.16.840.1.101.2.2.1.145" "id-at-usdConversion"
 
+# PKCS#9
+
+SyntaxIA5String        B "1.2.840.113549.1.9.1"        "pkcs-9-at-emailAddress"
+#PKCS9String   B "1.2.840.113549.1.9.2"        "pkcs-9-at-unstructuredName" - TBD
+#ContentType   B "1.2.840.113549.1.9.3"        "pkcs-9-at-contentType" - see cms.cnf
+#MessageDigest         B "1.2.840.113549.1.9.4"        "pkcs-9-at-messageDigest" - see cms.cnf
+#SigningTime   B "1.2.840.113549.1.9.5"        "pkcs-9-at-signingTime" - see cms.cnf
+#Countersignature      B "1.2.840.113549.1.9.6"        "pkcs-9-at-counterSignature" - see cms.cnf
+DirectoryString        B "1.2.840.113549.1.9.7"        "pkcs-9-at-challengePassword"
+DirectoryString        B "1.2.840.113549.1.9.8"        "pkcs-9-at-unstructuredAddress"
+#SETOFAttribute        B "1.2.840.113549.1.9.9"        "pkcs-9-at-extendedCertificateAttributes" - TBD
+DirectoryString        B "1.2.840.113549.1.9.13"       "pkcs-9-at-signingDescription"
+#ExtensionRequest      B "1.2.840.113549.1.9.14"       "pkcs-9-at-extensionRequest" - TBD
+#SMIMECapabiliaties    B "1.2.840.113549.1.9.15"       "pkcs-9-at-smimeCapabilities" - TBD
+SyntaxBMPString        B "1.2.840.113549.1.9.20"       "pkcs-9-at-friendlyName"
+OctetString    B "1.2.840.113549.1.9.21"       "pkcs-9-at-localKeyId"
+#PFX           B "2.16.840.1.113730.3.1.216"   "pkcs-9-at-PKCS12" - see pkcs12.cnf
+#PKCS15Token   B "1.2.840.113549.1.9.25.1"     "pkcs-9-at-pkcs15Token" - TBD
+#EncryptedPrivateKeyInfo       B "1.2.840.113549.1.9.25.2"     "pkcs-9-at-encryptedPrivateKeyInfo" - see pkcs12.cnf
+OctetString    B "1.2.840.113549.1.9.25.3"     "pkcs-9-at-randomNonce" # move to PKCS#9 when defined
+Integer                B "1.2.840.113549.1.9.25.4"     "pkcs-9-at-sequenceNumber" # move to PKCS#9 when defined
+#ContentInfo   B "1.2.840.113549.1.9.25.5"     "pkcs-9-at-pkcs7PDU" - TBD - not the same as CMS ContentInfo
+
+SyntaxGeneralizedTime B "1.3.6.1.5.5.7.9.1"            "pkcs-9-at-dateOfBirth"
+DirectoryString        B "1.3.6.1.5.5.7.9.2"           "pkcs-9-at-placeOfBirth"
+SyntaxPrintableString  B "1.3.6.1.5.5.7.9.3"           "pkcs-9-at-gender"
+SyntaxPrintableString B "1.3.6.1.5.5.7.9.4"            "pkcs-9-at-countryOfCitizenship"
+SyntaxPrintableString  B "1.3.6.1.5.5.7.9.5"           "pkcs-9-at-countryOfResidence"
 
 #.NO_EMIT
 

diff --git a/epan/dissectors/Makefile.common b/epan/dissectors/Makefile.common
index d88c1d54fd84c1e92147ae6c2971e25785052afe..0287d2e08488daf52e02c6fa710b9953d29fc38f 100644 (file)
--- a/epan/dissectors/Makefile.common
+++ b/epan/dissectors/Makefile.common
@@ -519,8 +519,9 @@ DISSECTOR_SRC =     \
        packet-pgm.c    \
        packet-pim.c    \
        packet-pingpongprotocol.c       \
-       packet-pn-rt.c   \
+       packet-pn-rt.c  \
        packet-pkcs1.c  \
+       packet-pkcs12.c \
        packet-pkix1explicit.c  \
        packet-pkix1implicit.c  \
        packet-pkixproxy.c      \
@@ -908,6 +909,7 @@ DISSECTOR_INCLUDES =        \
        packet-pflog.h  \
        packet-pim.h    \
        packet-pkcs1.h  \
+       packet-pkcs12.h \
        packet-pkix1explicit.h  \
        packet-pkix1implicit.h  \
        packet-pkixproxy.h      \

diff --git a/epan/dissectors/packet-ber.c b/epan/dissectors/packet-ber.c
index c3f6571737abbd7196ac574f18fb7aa21b394817..c3ff73fe1d6096e8541513ef4c556c8f6ea2cbb1 100644 (file)
--- a/epan/dissectors/packet-ber.c
+++ b/epan/dissectors/packet-ber.c
@@ -259,7 +259,7 @@ void ber_decode_as(gchar *syntax)
 }
 
 /* Get oid syntax from hash table to get translation in proto dissection(packet-per.c) */
-const char *
+const gchar *
 get_ber_oid_syntax(const char *oid)
 {
        return g_hash_table_lookup(syntax_table, oid);
@@ -280,7 +280,7 @@ void ber_set_filename(gchar *filename)
 
     if((ptr = strrchr(ber_filename, '.')) != NULL) {
       
-      ber_decode_as(get_ber_oid_syntax(ptr));
+      ber_decode_as((gchar *)get_ber_oid_syntax(ptr));
 
     }
   }

diff --git a/epan/dissectors/packet-cms.c b/epan/dissectors/packet-cms.c
index bf3ee445cfecd001badc9d2555233342b4df8e5d..fc0a33cd6beb5329ee0cd6071835923624002c79 100644 (file)
--- a/epan/dissectors/packet-cms.c
+++ b/epan/dissectors/packet-cms.c
@@ -71,7 +71,7 @@ static int hf_cms_AuthenticatedData_PDU = -1;     /* AuthenticatedData */
 static int hf_cms_MessageDigest_PDU = -1;         /* MessageDigest */
 static int hf_cms_SigningTime_PDU = -1;           /* SigningTime */
 static int hf_cms_Countersignature_PDU = -1;      /* Countersignature */
-static int hf_cms_contentType = -1;               /* T_contentType */
+static int hf_cms_contentType = -1;               /* ContentType */
 static int hf_cms_content = -1;                   /* T_content */
 static int hf_cms_version = -1;                   /* CMSVersion */
 static int hf_cms_digestAlgorithms = -1;          /* DigestAlgorithmIdentifiers */
@@ -81,7 +81,7 @@ static int hf_cms_crls = -1;                      /* CertificateRevocationLists
 static int hf_cms_signerInfos = -1;               /* SignerInfos */
 static int hf_cms_DigestAlgorithmIdentifiers_item = -1;  /* DigestAlgorithmIdentifier */
 static int hf_cms_SignerInfos_item = -1;          /* SignerInfo */
-static int hf_cms_eContentType = -1;              /* T_eContentType */
+static int hf_cms_eContentType = -1;              /* ContentType */
 static int hf_cms_eContent = -1;                  /* T_eContent */
 static int hf_cms_sid = -1;                       /* SignerIdentifier */
 static int hf_cms_digestAlgorithm = -1;           /* DigestAlgorithmIdentifier */
@@ -302,39 +302,41 @@ static int dissect_serialNumber(packet_info *pinfo, proto_tree *tree, tvbuff_t *
 
 int
 dissect_cms_ContentType(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
-  offset = dissect_ber_object_identifier(implicit_tag, pinfo, tree, tvb, offset, hf_index, NULL);
+#line 62 "cms.cnf"
+       const char *name = NULL;
 
-  return offset;
-}
-static int dissect_encryptedContentType(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
-  return dissect_cms_ContentType(FALSE, tvb, offset, pinfo, tree, hf_cms_encryptedContentType);
-}
+         offset = dissect_ber_object_identifier_str(implicit_tag, pinfo, tree, tvb, offset, hf_index, &object_identifier_id);
 
 
-
-static int
-dissect_cms_T_contentType(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
-#line 56 "cms.cnf"
-  offset = dissect_ber_object_identifier_str(FALSE, pinfo, tree, tvb, offset,
-                                         hf_cms_ci_contentType, &object_identifier_id);
+       if(object_identifier_id) {  
+               name = get_oid_str_name(object_identifier_id);
+               proto_item_append_text(tree, " (%s)", name ? name : object_identifier_id); 
+       }
 
 
 
   return offset;
 }
 static int dissect_contentType(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
-  return dissect_cms_T_contentType(FALSE, tvb, offset, pinfo, tree, hf_cms_contentType);
+  return dissect_cms_ContentType(FALSE, tvb, offset, pinfo, tree, hf_cms_contentType);
+}
+static int dissect_eContentType(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_cms_ContentType(FALSE, tvb, offset, pinfo, tree, hf_cms_eContentType);
+}
+static int dissect_encryptedContentType(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_cms_ContentType(FALSE, tvb, offset, pinfo, tree, hf_cms_encryptedContentType);
 }
 
 
 
 static int
 dissect_cms_T_content(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
-#line 60 "cms.cnf"
+#line 72 "cms.cnf"
   offset=call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree);
 
 
 
+
   return offset;
 }
 static int dissect_content(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
@@ -350,7 +352,7 @@ static const ber_sequence_t ContentInfo_sequence[] = {
 
 int
 dissect_cms_ContentInfo(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
-#line 50 "cms.cnf"
+#line 53 "cms.cnf"
   top_tree = tree;
     offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
                                    ContentInfo_sequence, hf_index, ett_cms_ContentInfo);
@@ -387,7 +389,7 @@ static int dissect_version(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb,
 
 
 
-static int
+int
 dissect_cms_DigestAlgorithmIdentifier(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
   offset = dissect_x509af_AlgorithmIdentifier(implicit_tag, tvb, offset, pinfo, tree, hf_index);
 
@@ -421,25 +423,9 @@ static int dissect_digestAlgorithms(packet_info *pinfo, proto_tree *tree, tvbuff
 
 
 
-static int
-dissect_cms_T_eContentType(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
-#line 63 "cms.cnf"
-  offset = dissect_ber_object_identifier_str(FALSE, pinfo, tree, tvb, offset,
-                                         hf_cms_ci_contentType, &object_identifier_id);
-
-
-
-  return offset;
-}
-static int dissect_eContentType(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
-  return dissect_cms_T_eContentType(FALSE, tvb, offset, pinfo, tree, hf_cms_eContentType);
-}
-
-
-
 static int
 dissect_cms_T_eContent(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
-#line 67 "cms.cnf"
+#line 76 "cms.cnf"
   gint8 class;
   gboolean pc, ind;
   gint32 tag;
@@ -454,6 +440,7 @@ dissect_cms_T_eContent(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, pac
   content_offset = pdu_offset = get_ber_length(tree, tvb, pdu_offset, &len, &ind);
   pdu_offset = call_ber_oid_callback(object_identifier_id, tvb, pdu_offset, pinfo, top_tree ? top_tree : tree);
   
+  /* save the content for checking the message digest */       
   content_tvb = tvb_new_subset(tvb, content_offset, len, -1);
 
 
@@ -486,7 +473,7 @@ static int dissect_encapContentInfo(packet_info *pinfo, proto_tree *tree, tvbuff
 
 static int
 dissect_cms_T_attrType(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
-#line 94 "cms.cnf"
+#line 104 "cms.cnf"
   const char *name = NULL;
 
     offset = dissect_ber_object_identifier_str(implicit_tag, pinfo, tree, tvb, offset, hf_cms_attrType, &object_identifier_id);
@@ -509,7 +496,7 @@ static int dissect_attrType(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb,
 
 static int
 dissect_cms_AttributeValue(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
-#line 104 "cms.cnf"
+#line 114 "cms.cnf"
 
   offset=call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree);
 
@@ -1065,7 +1052,7 @@ static int dissect_keyAttrId(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb
 
 static int
 dissect_cms_T_keyAttr(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
-#line 87 "cms.cnf"
+#line 97 "cms.cnf"
   offset=call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree);
 
 
@@ -1369,7 +1356,7 @@ dissect_cms_EnvelopedData(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset,
 
 
 
-static int
+int
 dissect_cms_Digest(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
   offset = dissect_ber_octet_string(implicit_tag, pinfo, tree, tvb, offset, hf_index,
                                        NULL);
@@ -1480,7 +1467,7 @@ dissect_cms_AuthenticatedData(gboolean implicit_tag _U_, tvbuff_t *tvb, int offs
 
 static int
 dissect_cms_MessageDigest(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
-#line 108 "cms.cnf"
+#line 118 "cms.cnf"
   proto_item *pi;
   int old_offset = offset;
 
@@ -1648,7 +1635,7 @@ void proto_register_cms(void) {
     { &hf_cms_contentType,
       { "contentType", "cms.contentType",
         FT_OID, BASE_NONE, NULL, 0,
-        "cms.T_contentType", HFILL }},
+        "cms.ContentType", HFILL }},
     { &hf_cms_content,
       { "content", "cms.content",
         FT_NONE, BASE_NONE, NULL, 0,
@@ -1688,7 +1675,7 @@ void proto_register_cms(void) {
     { &hf_cms_eContentType,
       { "eContentType", "cms.eContentType",
         FT_OID, BASE_NONE, NULL, 0,
-        "cms.T_eContentType", HFILL }},
+        "cms.ContentType", HFILL }},
     { &hf_cms_eContent,
       { "eContent", "cms.eContent",
         FT_BYTES, BASE_HEX, NULL, 0,
@@ -2031,5 +2018,8 @@ void proto_reg_handoff_cms(void) {
 
 /*--- End of included file: packet-cms-dis-tab.c ---*/
 #line 165 "packet-cms-template.c"
+
+  add_oid_str_name("1.2.840.113549.1.7.1", "id-data");
+
 }
 

diff --git a/epan/dissectors/packet-cms.h b/epan/dissectors/packet-cms.h
index c188ad70295b7e20f544a541841cbe2e12494d40..d0f17526a2bf54b02740835848795a2267d42be7 100644 (file)
--- a/epan/dissectors/packet-cms.h
+++ b/epan/dissectors/packet-cms.h
@@ -50,6 +50,8 @@ int dissect_cms_SignedAttributes(gboolean implicit_tag, tvbuff_t *tvb, int offse
 int dissect_cms_UnsignedAttributes(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
 int dissect_cms_SignatureValue(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
 int dissect_cms_EnvelopedData(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
+int dissect_cms_Digest(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
+int dissect_cms_DigestAlgorithmIdentifier(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
 int dissect_cms_IssuerAndSerialNumber(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
 int dissect_cms_Countersignature(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index);
 

diff --git a/epan/dissectors/packet-pkcs12.c b/epan/dissectors/packet-pkcs12.c
new file mode 100644 (file)
index 0000000..4a04c10
--- /dev/null
+++ b/epan/dissectors/packet-pkcs12.c
@@ -0,0 +1,1203 @@
+/* Do not modify this file.                                                   */
+/* It is created automatically by the ASN.1 to Wireshark dissector compiler   */
+/* ./packet-pkcs12.c                                                          */
+/* ../../tools/asn2wrs.py -b -e -p pkcs12 -c pkcs12.cnf -s packet-pkcs12-template pkcs12.asn */
+
+/* Input file: packet-pkcs12-template.c */
+
+#line 1 "packet-pkcs12-template.c"
+/* packet-pkcs12.c
+ * Routines for PKCS#12: Personal Information Exchange packet dissection
+ * Graeme Lunt 2006
+ *
+ * $Id$
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <glib.h>
+#include <epan/packet.h>
+#include <epan/conversation.h>
+#include <epan/oid_resolv.h>
+
+#include <stdio.h>
+#include <string.h>
+
+#include "packet-ber.h"
+#include "packet-pkcs12.h"
+#include "packet-x509af.h"
+#include "packet-x509if.h"
+#include "packet-cms.h"
+
+#define PNAME  "PKCS#12: Personal Information Exchange"
+#define PSNAME "PKCS12"
+#define PFNAME "pkcs12"
+
+/* Initialize the protocol and registered fields */
+int proto_pkcs12 = -1;
+
+static const char *object_identifier_id = NULL; 
+static const gchar *pref_password = NULL;
+
+
+static void dissect_AuthenticatedSafe_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);
+static void dissect_SafeContents_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);
+
+
+/*--- Included file: packet-pkcs12-hf.c ---*/
+#line 1 "packet-pkcs12-hf.c"
+static int hf_pkcs12_PFX_PDU = -1;                /* PFX */
+static int hf_pkcs12_AuthenticatedSafe_PDU = -1;  /* AuthenticatedSafe */
+static int hf_pkcs12_SafeContents_PDU = -1;       /* SafeContents */
+static int hf_pkcs12_KeyBag_PDU = -1;             /* KeyBag */
+static int hf_pkcs12_PKCS8ShroudedKeyBag_PDU = -1;  /* PKCS8ShroudedKeyBag */
+static int hf_pkcs12_CertBag_PDU = -1;            /* CertBag */
+static int hf_pkcs12_CRLBag_PDU = -1;             /* CRLBag */
+static int hf_pkcs12_SecretBag_PDU = -1;          /* SecretBag */
+static int hf_pkcs12_EncryptedPrivateKeyInfo_PDU = -1;  /* EncryptedPrivateKeyInfo */
+static int hf_pkcs12_PBEParameter_PDU = -1;       /* PBEParameter */
+static int hf_pkcs12_PBKDF2Params_PDU = -1;       /* PBKDF2Params */
+static int hf_pkcs12_PBES2Params_PDU = -1;        /* PBES2Params */
+static int hf_pkcs12_PBMAC1Params_PDU = -1;       /* PBMAC1Params */
+static int hf_pkcs12_version = -1;                /* T_version */
+static int hf_pkcs12_authSafe = -1;               /* ContentInfo */
+static int hf_pkcs12_macData = -1;                /* MacData */
+static int hf_pkcs12_mac = -1;                    /* DigestInfo */
+static int hf_pkcs12_macSalt = -1;                /* OCTET_STRING */
+static int hf_pkcs12_iterations = -1;             /* INTEGER */
+static int hf_pkcs12_digestAlgorithm = -1;        /* DigestAlgorithmIdentifier */
+static int hf_pkcs12_digest = -1;                 /* Digest */
+static int hf_pkcs12_AuthenticatedSafe_item = -1;  /* ContentInfo */
+static int hf_pkcs12_SafeContents_item = -1;      /* SafeBag */
+static int hf_pkcs12_bagId = -1;                  /* OBJECT_IDENTIFIER */
+static int hf_pkcs12_bagValue = -1;               /* T_bagValue */
+static int hf_pkcs12_bagAttributes = -1;          /* SET_OF_PKCS12Attribute */
+static int hf_pkcs12_bagAttributes_item = -1;     /* PKCS12Attribute */
+static int hf_pkcs12_certId = -1;                 /* OBJECT_IDENTIFIER */
+static int hf_pkcs12_certValue = -1;              /* T_certValue */
+static int hf_pkcs12_crlId = -1;                  /* OBJECT_IDENTIFIER */
+static int hf_pkcs12_crlValue = -1;               /* T_crlValue */
+static int hf_pkcs12_secretTypeId = -1;           /* OBJECT_IDENTIFIER */
+static int hf_pkcs12_secretValue = -1;            /* T_secretValue */
+static int hf_pkcs12_attrId = -1;                 /* OBJECT_IDENTIFIER */
+static int hf_pkcs12_attrValues = -1;             /* T_attrValues */
+static int hf_pkcs12_attrValues_item = -1;        /* T_attrValues_item */
+static int hf_pkcs12_privateKeyVersion = -1;      /* Version */
+static int hf_pkcs12_privateKeyAlgorithm = -1;    /* AlgorithmIdentifier */
+static int hf_pkcs12_privateKey = -1;             /* PrivateKey */
+static int hf_pkcs12_attributes = -1;             /* Attributes */
+static int hf_pkcs12_Attributes_item = -1;        /* Attribute */
+static int hf_pkcs12_encryptionAlgorithm = -1;    /* AlgorithmIdentifier */
+static int hf_pkcs12_encryptedData = -1;          /* EncryptedData */
+static int hf_pkcs12_salt = -1;                   /* OCTET_STRING */
+static int hf_pkcs12_iterationCount = -1;         /* INTEGER */
+static int hf_pkcs12_saltChoice = -1;             /* T_saltChoice */
+static int hf_pkcs12_specified = -1;              /* OCTET_STRING */
+static int hf_pkcs12_otherSource = -1;            /* AlgorithmIdentifier */
+static int hf_pkcs12_keyLength = -1;              /* INTEGER_1_MAX */
+static int hf_pkcs12_prf = -1;                    /* AlgorithmIdentifier */
+static int hf_pkcs12_keyDerivationFunc = -1;      /* AlgorithmIdentifier */
+static int hf_pkcs12_encryptionScheme = -1;       /* AlgorithmIdentifier */
+static int hf_pkcs12_messageAuthScheme = -1;      /* AlgorithmIdentifier */
+
+/*--- End of included file: packet-pkcs12-hf.c ---*/
+#line 59 "packet-pkcs12-template.c"
+
+/* Initialize the subtree pointers */
+
+/*--- Included file: packet-pkcs12-ett.c ---*/
+#line 1 "packet-pkcs12-ett.c"
+static gint ett_pkcs12_PFX = -1;
+static gint ett_pkcs12_MacData = -1;
+static gint ett_pkcs12_DigestInfo = -1;
+static gint ett_pkcs12_AuthenticatedSafe = -1;
+static gint ett_pkcs12_SafeContents = -1;
+static gint ett_pkcs12_SafeBag = -1;
+static gint ett_pkcs12_SET_OF_PKCS12Attribute = -1;
+static gint ett_pkcs12_CertBag = -1;
+static gint ett_pkcs12_CRLBag = -1;
+static gint ett_pkcs12_SecretBag = -1;
+static gint ett_pkcs12_PKCS12Attribute = -1;
+static gint ett_pkcs12_T_attrValues = -1;
+static gint ett_pkcs12_PrivateKeyInfo = -1;
+static gint ett_pkcs12_Attributes = -1;
+static gint ett_pkcs12_EncryptedPrivateKeyInfo = -1;
+static gint ett_pkcs12_PBEParameter = -1;
+static gint ett_pkcs12_PBKDF2Params = -1;
+static gint ett_pkcs12_T_saltChoice = -1;
+static gint ett_pkcs12_PBES2Params = -1;
+static gint ett_pkcs12_PBMAC1Params = -1;
+
+/*--- End of included file: packet-pkcs12-ett.c ---*/
+#line 62 "packet-pkcs12-template.c"
+
+
+/*--- Included file: packet-pkcs12-fn.c ---*/
+#line 1 "packet-pkcs12-fn.c"
+/*--- Fields for imported types ---*/
+
+static int dissect_authSafe(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_cms_ContentInfo(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_authSafe);
+}
+static int dissect_digestAlgorithm(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_cms_DigestAlgorithmIdentifier(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_digestAlgorithm);
+}
+static int dissect_digest(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_cms_Digest(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_digest);
+}
+static int dissect_AuthenticatedSafe_item(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_cms_ContentInfo(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_AuthenticatedSafe_item);
+}
+static int dissect_privateKeyAlgorithm(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_x509af_AlgorithmIdentifier(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_privateKeyAlgorithm);
+}
+static int dissect_Attributes_item(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_x509if_Attribute(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_Attributes_item);
+}
+static int dissect_encryptionAlgorithm(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_x509af_AlgorithmIdentifier(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_encryptionAlgorithm);
+}
+static int dissect_otherSource(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_x509af_AlgorithmIdentifier(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_otherSource);
+}
+static int dissect_prf(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_x509af_AlgorithmIdentifier(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_prf);
+}
+static int dissect_keyDerivationFunc(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_x509af_AlgorithmIdentifier(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_keyDerivationFunc);
+}
+static int dissect_encryptionScheme(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_x509af_AlgorithmIdentifier(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_encryptionScheme);
+}
+static int dissect_messageAuthScheme(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_x509af_AlgorithmIdentifier(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_messageAuthScheme);
+}
+
+
+static const value_string pkcs12_T_version_vals[] = {
+  {   3, "v3" },
+  { 0, NULL }
+};
+
+
+static int
+dissect_pkcs12_T_version(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_integer(implicit_tag, pinfo, tree, tvb, offset, hf_index,
+                                  NULL);
+
+  return offset;
+}
+static int dissect_version(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_T_version(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_version);
+}
+
+
+static const ber_sequence_t DigestInfo_sequence[] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_digestAlgorithm },
+  { BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_digest },
+  { 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkcs12_DigestInfo(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
+                                   DigestInfo_sequence, hf_index, ett_pkcs12_DigestInfo);
+
+  return offset;
+}
+static int dissect_mac(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_DigestInfo(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_mac);
+}
+
+
+
+static int
+dissect_pkcs12_OCTET_STRING(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_octet_string(implicit_tag, pinfo, tree, tvb, offset, hf_index,
+                                       NULL);
+
+  return offset;
+}
+static int dissect_macSalt(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_OCTET_STRING(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_macSalt);
+}
+static int dissect_salt(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_OCTET_STRING(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_salt);
+}
+static int dissect_specified(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_OCTET_STRING(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_specified);
+}
+
+
+
+static int
+dissect_pkcs12_INTEGER(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_integer(implicit_tag, pinfo, tree, tvb, offset, hf_index,
+                                  NULL);
+
+  return offset;
+}
+static int dissect_iterations(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_INTEGER(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_iterations);
+}
+static int dissect_iterationCount(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_INTEGER(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_iterationCount);
+}
+
+
+static const ber_sequence_t MacData_sequence[] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_mac },
+  { BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_macSalt },
+  { BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_iterations },
+  { 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkcs12_MacData(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
+                                   MacData_sequence, hf_index, ett_pkcs12_MacData);
+
+  return offset;
+}
+static int dissect_macData(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_MacData(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_macData);
+}
+
+
+static const ber_sequence_t PFX_sequence[] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_version },
+  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_authSafe },
+  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_macData },
+  { 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkcs12_PFX(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+#line 60 "pkcs12.cnf"
+       dissector_handle_t dissector_handle;
+
+       /* we change the CMS id-data dissector to dissect as AuthenticatedSafe
+          not sure why PKCS#12 couldn't have used its own content type OID for AuthenticatedSafe */
+       dissector_handle=create_dissector_handle(dissect_AuthenticatedSafe_OCTETSTRING_PDU, proto_pkcs12);
+       dissector_change_string("ber.oid", "1.2.840.113549.1.7.1", dissector_handle);
+
+         offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
+                                   PFX_sequence, hf_index, ett_pkcs12_PFX);
+
+
+       /* restore the original dissector */
+       dissector_reset_string("ber.oid", "1.2.840.113549.1.7.1");
+
+
+
+  return offset;
+}
+
+
+static const ber_sequence_t AuthenticatedSafe_sequence_of[1] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_AuthenticatedSafe_item },
+};
+
+static int
+dissect_pkcs12_AuthenticatedSafe(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+#line 73 "pkcs12.cnf"
+       dissector_handle_t dissector_handle;
+
+       /* we change the CMS id-data dissector to dissect as SafeContents */
+       dissector_handle=create_dissector_handle(dissect_SafeContents_OCTETSTRING_PDU, proto_pkcs12);
+       dissector_change_string("ber.oid", "1.2.840.113549.1.7.1", dissector_handle);
+
+         offset = dissect_ber_sequence_of(implicit_tag, pinfo, tree, tvb, offset,
+                                      AuthenticatedSafe_sequence_of, hf_index, ett_pkcs12_AuthenticatedSafe);
+
+
+       /* restore the original dissector */
+       dissector_reset_string("ber.oid", "1.2.840.113549.1.7.1");
+
+
+
+  return offset;
+}
+
+
+
+static int
+dissect_pkcs12_OBJECT_IDENTIFIER(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+#line 88 "pkcs12.cnf"
+       const char *name = NULL;
+
+         offset = dissect_ber_object_identifier_str(implicit_tag, pinfo, tree, tvb, offset, hf_index, &object_identifier_id);
+
+  
+       name = get_oid_str_name(object_identifier_id);
+       proto_item_append_text(tree, " (%s)", name ? name : object_identifier_id); 
+
+
+
+  return offset;
+}
+static int dissect_bagId(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_OBJECT_IDENTIFIER(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_bagId);
+}
+static int dissect_certId(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_OBJECT_IDENTIFIER(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_certId);
+}
+static int dissect_crlId(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_OBJECT_IDENTIFIER(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_crlId);
+}
+static int dissect_secretTypeId(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_OBJECT_IDENTIFIER(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_secretTypeId);
+}
+static int dissect_attrId(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_OBJECT_IDENTIFIER(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_attrId);
+}
+
+
+
+static int
+dissect_pkcs12_T_bagValue(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+#line 96 "pkcs12.cnf"
+       if(object_identifier_id)
+               offset = call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree);
+
+
+
+  return offset;
+}
+static int dissect_bagValue(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_T_bagValue(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_bagValue);
+}
+
+
+
+static int
+dissect_pkcs12_T_attrValues_item(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+#line 100 "pkcs12.cnf"
+       if(object_identifier_id)
+               offset = call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree);
+
+
+
+  return offset;
+}
+static int dissect_attrValues_item(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_T_attrValues_item(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_attrValues_item);
+}
+
+
+static const ber_sequence_t T_attrValues_set_of[1] = {
+  { BER_CLASS_ANY, 0, BER_FLAGS_NOOWNTAG, dissect_attrValues_item },
+};
+
+static int
+dissect_pkcs12_T_attrValues(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_set_of(implicit_tag, pinfo, tree, tvb, offset,
+                                 T_attrValues_set_of, hf_index, ett_pkcs12_T_attrValues);
+
+  return offset;
+}
+static int dissect_attrValues(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_T_attrValues(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_attrValues);
+}
+
+
+static const ber_sequence_t PKCS12Attribute_sequence[] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_attrId },
+  { BER_CLASS_UNI, BER_UNI_TAG_SET, BER_FLAGS_NOOWNTAG, dissect_attrValues },
+  { 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkcs12_PKCS12Attribute(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
+                                   PKCS12Attribute_sequence, hf_index, ett_pkcs12_PKCS12Attribute);
+
+  return offset;
+}
+static int dissect_bagAttributes_item(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_PKCS12Attribute(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_bagAttributes_item);
+}
+
+
+static const ber_sequence_t SET_OF_PKCS12Attribute_set_of[1] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_bagAttributes_item },
+};
+
+static int
+dissect_pkcs12_SET_OF_PKCS12Attribute(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_set_of(implicit_tag, pinfo, tree, tvb, offset,
+                                 SET_OF_PKCS12Attribute_set_of, hf_index, ett_pkcs12_SET_OF_PKCS12Attribute);
+
+  return offset;
+}
+static int dissect_bagAttributes(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_SET_OF_PKCS12Attribute(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_bagAttributes);
+}
+
+
+static const ber_sequence_t SafeBag_sequence[] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_bagId },
+  { BER_CLASS_CON, 0, 0, dissect_bagValue },
+  { BER_CLASS_UNI, BER_UNI_TAG_SET, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_bagAttributes },
+  { 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkcs12_SafeBag(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
+                                   SafeBag_sequence, hf_index, ett_pkcs12_SafeBag);
+
+  return offset;
+}
+static int dissect_SafeContents_item(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_SafeBag(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_SafeContents_item);
+}
+
+
+static const ber_sequence_t SafeContents_sequence_of[1] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_SafeContents_item },
+};
+
+static int
+dissect_pkcs12_SafeContents(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_sequence_of(implicit_tag, pinfo, tree, tvb, offset,
+                                      SafeContents_sequence_of, hf_index, ett_pkcs12_SafeContents);
+
+  return offset;
+}
+
+
+static const value_string pkcs12_Version_vals[] = {
+  {   0, "v1" },
+  { 0, NULL }
+};
+
+
+static int
+dissect_pkcs12_Version(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_integer(implicit_tag, pinfo, tree, tvb, offset, hf_index,
+                                  NULL);
+
+  return offset;
+}
+static int dissect_privateKeyVersion(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_Version(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_privateKeyVersion);
+}
+
+
+
+static int
+dissect_pkcs12_PrivateKey(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_octet_string(implicit_tag, pinfo, tree, tvb, offset, hf_index,
+                                       NULL);
+
+  return offset;
+}
+static int dissect_privateKey(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_PrivateKey(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_privateKey);
+}
+
+
+static const ber_sequence_t Attributes_set_of[1] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_Attributes_item },
+};
+
+static int
+dissect_pkcs12_Attributes(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_set_of(implicit_tag, pinfo, tree, tvb, offset,
+                                 Attributes_set_of, hf_index, ett_pkcs12_Attributes);
+
+  return offset;
+}
+static int dissect_attributes_impl(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_Attributes(TRUE, tvb, offset, pinfo, tree, hf_pkcs12_attributes);
+}
+
+
+static const ber_sequence_t PrivateKeyInfo_sequence[] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_privateKeyVersion },
+  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_privateKeyAlgorithm },
+  { BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_privateKey },
+  { BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL|BER_FLAGS_IMPLTAG, dissect_attributes_impl },
+  { 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkcs12_PrivateKeyInfo(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
+                                   PrivateKeyInfo_sequence, hf_index, ett_pkcs12_PrivateKeyInfo);
+
+  return offset;
+}
+
+
+
+static int
+dissect_pkcs12_KeyBag(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_pkcs12_PrivateKeyInfo(implicit_tag, tvb, offset, pinfo, tree, hf_index);
+
+  return offset;
+}
+
+
+
+static int
+dissect_pkcs12_EncryptedData(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_octet_string(implicit_tag, pinfo, tree, tvb, offset, hf_index,
+                                       NULL);
+
+  return offset;
+}
+static int dissect_encryptedData(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_EncryptedData(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_encryptedData);
+}
+
+
+static const ber_sequence_t EncryptedPrivateKeyInfo_sequence[] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_encryptionAlgorithm },
+  { BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_encryptedData },
+  { 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkcs12_EncryptedPrivateKeyInfo(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
+                                   EncryptedPrivateKeyInfo_sequence, hf_index, ett_pkcs12_EncryptedPrivateKeyInfo);
+
+  return offset;
+}
+
+
+
+static int
+dissect_pkcs12_PKCS8ShroudedKeyBag(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_pkcs12_EncryptedPrivateKeyInfo(implicit_tag, tvb, offset, pinfo, tree, hf_index);
+
+  return offset;
+}
+
+
+
+static int
+dissect_pkcs12_T_certValue(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+#line 104 "pkcs12.cnf"
+       if(object_identifier_id)
+               offset = call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree);
+
+
+
+  return offset;
+}
+static int dissect_certValue(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_T_certValue(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_certValue);
+}
+
+
+static const ber_sequence_t CertBag_sequence[] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_certId },
+  { BER_CLASS_CON, 0, 0, dissect_certValue },
+  { 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkcs12_CertBag(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
+                                   CertBag_sequence, hf_index, ett_pkcs12_CertBag);
+
+  return offset;
+}
+
+
+
+static int
+dissect_pkcs12_T_crlValue(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+#line 108 "pkcs12.cnf"
+       if(object_identifier_id)
+               offset = call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree);
+
+
+
+  return offset;
+}
+static int dissect_crlValue(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_T_crlValue(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_crlValue);
+}
+
+
+static const ber_sequence_t CRLBag_sequence[] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_crlId },
+  { BER_CLASS_CON, 0, 0, dissect_crlValue },
+  { 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkcs12_CRLBag(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
+                                   CRLBag_sequence, hf_index, ett_pkcs12_CRLBag);
+
+  return offset;
+}
+
+
+
+static int
+dissect_pkcs12_T_secretValue(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+#line 112 "pkcs12.cnf"
+       if(object_identifier_id)
+               offset = call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree);
+
+
+
+  return offset;
+}
+static int dissect_secretValue(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_T_secretValue(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_secretValue);
+}
+
+
+static const ber_sequence_t SecretBag_sequence[] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_secretTypeId },
+  { BER_CLASS_CON, 0, 0, dissect_secretValue },
+  { 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkcs12_SecretBag(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
+                                   SecretBag_sequence, hf_index, ett_pkcs12_SecretBag);
+
+  return offset;
+}
+
+
+static const ber_sequence_t PBEParameter_sequence[] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_salt },
+  { BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_iterationCount },
+  { 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkcs12_PBEParameter(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
+                                   PBEParameter_sequence, hf_index, ett_pkcs12_PBEParameter);
+
+  return offset;
+}
+
+
+static const value_string pkcs12_T_saltChoice_vals[] = {
+  {   0, "specified" },
+  {   1, "otherSource" },
+  { 0, NULL }
+};
+
+static const ber_choice_t T_saltChoice_choice[] = {
+  {   0, BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_specified },
+  {   1, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_otherSource },
+  { 0, 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkcs12_T_saltChoice(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_choice(pinfo, tree, tvb, offset,
+                                 T_saltChoice_choice, hf_index, ett_pkcs12_T_saltChoice,
+                                 NULL);
+
+  return offset;
+}
+static int dissect_saltChoice(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_T_saltChoice(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_saltChoice);
+}
+
+
+
+static int
+dissect_pkcs12_INTEGER_1_MAX(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_integer(implicit_tag, pinfo, tree, tvb, offset, hf_index,
+                                  NULL);
+
+  return offset;
+}
+static int dissect_keyLength(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) {
+  return dissect_pkcs12_INTEGER_1_MAX(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_keyLength);
+}
+
+
+static const ber_sequence_t PBKDF2Params_sequence[] = {
+  { BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_saltChoice },
+  { BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_iterationCount },
+  { BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_keyLength },
+  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_OPTIONAL|BER_FLAGS_NOOWNTAG, dissect_prf },
+  { 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkcs12_PBKDF2Params(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
+                                   PBKDF2Params_sequence, hf_index, ett_pkcs12_PBKDF2Params);
+
+  return offset;
+}
+
+
+static const ber_sequence_t PBES2Params_sequence[] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_keyDerivationFunc },
+  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_encryptionScheme },
+  { 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkcs12_PBES2Params(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
+                                   PBES2Params_sequence, hf_index, ett_pkcs12_PBES2Params);
+
+  return offset;
+}
+
+
+static const ber_sequence_t PBMAC1Params_sequence[] = {
+  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_keyDerivationFunc },
+  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_messageAuthScheme },
+  { 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkcs12_PBMAC1Params(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) {
+  offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset,
+                                   PBMAC1Params_sequence, hf_index, ett_pkcs12_PBMAC1Params);
+
+  return offset;
+}
+
+/*--- PDUs ---*/
+
+static void dissect_PFX_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  dissect_pkcs12_PFX(FALSE, tvb, 0, pinfo, tree, hf_pkcs12_PFX_PDU);
+}
+static void dissect_AuthenticatedSafe_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  dissect_pkcs12_AuthenticatedSafe(FALSE, tvb, 0, pinfo, tree, hf_pkcs12_AuthenticatedSafe_PDU);
+}
+static void dissect_SafeContents_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  dissect_pkcs12_SafeContents(FALSE, tvb, 0, pinfo, tree, hf_pkcs12_SafeContents_PDU);
+}
+static void dissect_KeyBag_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  dissect_pkcs12_KeyBag(FALSE, tvb, 0, pinfo, tree, hf_pkcs12_KeyBag_PDU);
+}
+static void dissect_PKCS8ShroudedKeyBag_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  dissect_pkcs12_PKCS8ShroudedKeyBag(FALSE, tvb, 0, pinfo, tree, hf_pkcs12_PKCS8ShroudedKeyBag_PDU);
+}
+static void dissect_CertBag_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  dissect_pkcs12_CertBag(FALSE, tvb, 0, pinfo, tree, hf_pkcs12_CertBag_PDU);
+}
+static void dissect_CRLBag_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  dissect_pkcs12_CRLBag(FALSE, tvb, 0, pinfo, tree, hf_pkcs12_CRLBag_PDU);
+}
+static void dissect_SecretBag_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  dissect_pkcs12_SecretBag(FALSE, tvb, 0, pinfo, tree, hf_pkcs12_SecretBag_PDU);
+}
+static void dissect_EncryptedPrivateKeyInfo_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  dissect_pkcs12_EncryptedPrivateKeyInfo(FALSE, tvb, 0, pinfo, tree, hf_pkcs12_EncryptedPrivateKeyInfo_PDU);
+}
+static void dissect_PBEParameter_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  dissect_pkcs12_PBEParameter(FALSE, tvb, 0, pinfo, tree, hf_pkcs12_PBEParameter_PDU);
+}
+static void dissect_PBKDF2Params_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  dissect_pkcs12_PBKDF2Params(FALSE, tvb, 0, pinfo, tree, hf_pkcs12_PBKDF2Params_PDU);
+}
+static void dissect_PBES2Params_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  dissect_pkcs12_PBES2Params(FALSE, tvb, 0, pinfo, tree, hf_pkcs12_PBES2Params_PDU);
+}
+static void dissect_PBMAC1Params_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  dissect_pkcs12_PBMAC1Params(FALSE, tvb, 0, pinfo, tree, hf_pkcs12_PBMAC1Params_PDU);
+}
+
+
+/*--- End of included file: packet-pkcs12-fn.c ---*/
+#line 64 "packet-pkcs12-template.c"
+
+static int strip_octet_string(tvbuff_t *tvb, proto_tree *tree) 
+{
+  gint8 class;
+  gboolean pc, ind;
+  gint32 tag;
+  guint32 len;
+  int offset = 0;
+
+  /* PKCS#7 encodes the content as OCTET STRING, whereas CMS is just any ANY */
+  /* if we use CMS (rather than PKCS#7) - which we are - we need to strip the OCTET STRING tag */
+  /* before proceeding */
+
+  offset = get_ber_identifier(tvb, 0, &class, &pc, &tag);
+  offset = get_ber_length(NULL, tvb, offset, &len, &ind);
+
+  if((class == BER_CLASS_UNI) && (tag == BER_UNI_TAG_OCTETSTRING))
+    return offset;
+
+  proto_tree_add_text(tree, tvb, 0, 1, "BER Error: OCTET STRING expected");
+
+  return 0;
+
+}
+
+static void dissect_AuthenticatedSafe_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
+  int offset = 0;
+
+  if((offset = strip_octet_string(tvb, tree)) > 0)
+    dissect_pkcs12_AuthenticatedSafe(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_AuthenticatedSafe_PDU);
+}
+
+static void dissect_SafeContents_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) 
+{
+  int offset = 0;
+
+  if((offset = strip_octet_string(tvb, tree)) > 0)
+    dissect_pkcs12_SafeContents(FALSE, tvb, offset, pinfo, tree, hf_pkcs12_SafeContents_PDU);
+}
+
+#if 0 
+static int decrypt_data(tvbuff_t *encrypted_data, 
+                       /* enc_params */
+                       gnu_tls_ciper_algorithm cipher,
+                       int iter_count,
+                       /* kdf_params */
+                       gnutls_datum_t *salt, size_t salt_size,
+                       gnutls_datum_t *iv, size_t iv_size,
+                       size_t key_size, 
+                       tvb_buff_t **decrypted_data)
+{
+
+
+  
+
+  if(key_size == 0) 
+    key_size = gnutls_cipher_get_key_size(cipher);
+
+
+}
+                       
+# endif /* 0 */
+
+/*--- proto_register_pkcs12 ----------------------------------------------*/
+void proto_register_pkcs12(void) {
+
+  /* List of fields */
+  static hf_register_info hf[] = {
+
+
+/*--- Included file: packet-pkcs12-hfarr.c ---*/
+#line 1 "packet-pkcs12-hfarr.c"
+    { &hf_pkcs12_PFX_PDU,
+      { "PFX", "pkcs12.PFX",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.PFX", HFILL }},
+    { &hf_pkcs12_AuthenticatedSafe_PDU,
+      { "AuthenticatedSafe", "pkcs12.AuthenticatedSafe",
+        FT_UINT32, BASE_DEC, NULL, 0,
+        "pkcs12.AuthenticatedSafe", HFILL }},
+    { &hf_pkcs12_SafeContents_PDU,
+      { "SafeContents", "pkcs12.SafeContents",
+        FT_UINT32, BASE_DEC, NULL, 0,
+        "pkcs12.SafeContents", HFILL }},
+    { &hf_pkcs12_KeyBag_PDU,
+      { "KeyBag", "pkcs12.KeyBag",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.KeyBag", HFILL }},
+    { &hf_pkcs12_PKCS8ShroudedKeyBag_PDU,
+      { "PKCS8ShroudedKeyBag", "pkcs12.PKCS8ShroudedKeyBag",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.PKCS8ShroudedKeyBag", HFILL }},
+    { &hf_pkcs12_CertBag_PDU,
+      { "CertBag", "pkcs12.CertBag",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.CertBag", HFILL }},
+    { &hf_pkcs12_CRLBag_PDU,
+      { "CRLBag", "pkcs12.CRLBag",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.CRLBag", HFILL }},
+    { &hf_pkcs12_SecretBag_PDU,
+      { "SecretBag", "pkcs12.SecretBag",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.SecretBag", HFILL }},
+    { &hf_pkcs12_EncryptedPrivateKeyInfo_PDU,
+      { "EncryptedPrivateKeyInfo", "pkcs12.EncryptedPrivateKeyInfo",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.EncryptedPrivateKeyInfo", HFILL }},
+    { &hf_pkcs12_PBEParameter_PDU,
+      { "PBEParameter", "pkcs12.PBEParameter",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.PBEParameter", HFILL }},
+    { &hf_pkcs12_PBKDF2Params_PDU,
+      { "PBKDF2Params", "pkcs12.PBKDF2Params",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.PBKDF2Params", HFILL }},
+    { &hf_pkcs12_PBES2Params_PDU,
+      { "PBES2Params", "pkcs12.PBES2Params",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.PBES2Params", HFILL }},
+    { &hf_pkcs12_PBMAC1Params_PDU,
+      { "PBMAC1Params", "pkcs12.PBMAC1Params",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.PBMAC1Params", HFILL }},
+    { &hf_pkcs12_version,
+      { "version", "pkcs12.version",
+        FT_UINT32, BASE_DEC, VALS(pkcs12_T_version_vals), 0,
+        "pkcs12.T_version", HFILL }},
+    { &hf_pkcs12_authSafe,
+      { "authSafe", "pkcs12.authSafe",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "cms.ContentInfo", HFILL }},
+    { &hf_pkcs12_macData,
+      { "macData", "pkcs12.macData",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.MacData", HFILL }},
+    { &hf_pkcs12_mac,
+      { "mac", "pkcs12.mac",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.DigestInfo", HFILL }},
+    { &hf_pkcs12_macSalt,
+      { "macSalt", "pkcs12.macSalt",
+        FT_BYTES, BASE_HEX, NULL, 0,
+        "pkcs12.OCTET_STRING", HFILL }},
+    { &hf_pkcs12_iterations,
+      { "iterations", "pkcs12.iterations",
+        FT_INT32, BASE_DEC, NULL, 0,
+        "pkcs12.INTEGER", HFILL }},
+    { &hf_pkcs12_digestAlgorithm,
+      { "digestAlgorithm", "pkcs12.digestAlgorithm",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "cms.DigestAlgorithmIdentifier", HFILL }},
+    { &hf_pkcs12_digest,
+      { "digest", "pkcs12.digest",
+        FT_BYTES, BASE_HEX, NULL, 0,
+        "cms.Digest", HFILL }},
+    { &hf_pkcs12_AuthenticatedSafe_item,
+      { "Item", "pkcs12.AuthenticatedSafe_item",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "cms.ContentInfo", HFILL }},
+    { &hf_pkcs12_SafeContents_item,
+      { "Item", "pkcs12.SafeContents_item",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.SafeBag", HFILL }},
+    { &hf_pkcs12_bagId,
+      { "bagId", "pkcs12.bagId",
+        FT_OID, BASE_NONE, NULL, 0,
+        "pkcs12.OBJECT_IDENTIFIER", HFILL }},
+    { &hf_pkcs12_bagValue,
+      { "bagValue", "pkcs12.bagValue",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.T_bagValue", HFILL }},
+    { &hf_pkcs12_bagAttributes,
+      { "bagAttributes", "pkcs12.bagAttributes",
+        FT_UINT32, BASE_DEC, NULL, 0,
+        "pkcs12.SET_OF_PKCS12Attribute", HFILL }},
+    { &hf_pkcs12_bagAttributes_item,
+      { "Item", "pkcs12.bagAttributes_item",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.PKCS12Attribute", HFILL }},
+    { &hf_pkcs12_certId,
+      { "certId", "pkcs12.certId",
+        FT_OID, BASE_NONE, NULL, 0,
+        "pkcs12.OBJECT_IDENTIFIER", HFILL }},
+    { &hf_pkcs12_certValue,
+      { "certValue", "pkcs12.certValue",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.T_certValue", HFILL }},
+    { &hf_pkcs12_crlId,
+      { "crlId", "pkcs12.crlId",
+        FT_OID, BASE_NONE, NULL, 0,
+        "pkcs12.OBJECT_IDENTIFIER", HFILL }},
+    { &hf_pkcs12_crlValue,
+      { "crlValue", "pkcs12.crlValue",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.T_crlValue", HFILL }},
+    { &hf_pkcs12_secretTypeId,
+      { "secretTypeId", "pkcs12.secretTypeId",
+        FT_OID, BASE_NONE, NULL, 0,
+        "pkcs12.OBJECT_IDENTIFIER", HFILL }},
+    { &hf_pkcs12_secretValue,
+      { "secretValue", "pkcs12.secretValue",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.T_secretValue", HFILL }},
+    { &hf_pkcs12_attrId,
+      { "attrId", "pkcs12.attrId",
+        FT_OID, BASE_NONE, NULL, 0,
+        "pkcs12.OBJECT_IDENTIFIER", HFILL }},
+    { &hf_pkcs12_attrValues,
+      { "attrValues", "pkcs12.attrValues",
+        FT_UINT32, BASE_DEC, NULL, 0,
+        "pkcs12.T_attrValues", HFILL }},
+    { &hf_pkcs12_attrValues_item,
+      { "Item", "pkcs12.attrValues_item",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "pkcs12.T_attrValues_item", HFILL }},
+    { &hf_pkcs12_privateKeyVersion,
+      { "version", "pkcs12.version",
+        FT_INT32, BASE_DEC, VALS(x509af_Version_vals), 0,
+        "pkcs12.Version", HFILL }},
+    { &hf_pkcs12_privateKeyAlgorithm,
+      { "privateKeyAlgorithm", "pkcs12.privateKeyAlgorithm",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "x509af.AlgorithmIdentifier", HFILL }},
+    { &hf_pkcs12_privateKey,
+      { "privateKey", "pkcs12.privateKey",
+        FT_BYTES, BASE_HEX, NULL, 0,
+        "pkcs12.PrivateKey", HFILL }},
+    { &hf_pkcs12_attributes,
+      { "attributes", "pkcs12.attributes",
+        FT_UINT32, BASE_DEC, NULL, 0,
+        "pkcs12.Attributes", HFILL }},
+    { &hf_pkcs12_Attributes_item,
+      { "Item", "pkcs12.Attributes_item",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "x509if.Attribute", HFILL }},
+    { &hf_pkcs12_encryptionAlgorithm,
+      { "encryptionAlgorithm", "pkcs12.encryptionAlgorithm",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "x509af.AlgorithmIdentifier", HFILL }},
+    { &hf_pkcs12_encryptedData,
+      { "encryptedData", "pkcs12.encryptedData",
+        FT_BYTES, BASE_HEX, NULL, 0,
+        "pkcs12.EncryptedData", HFILL }},
+    { &hf_pkcs12_salt,
+      { "salt", "pkcs12.salt",
+        FT_BYTES, BASE_HEX, NULL, 0,
+        "pkcs12.OCTET_STRING", HFILL }},
+    { &hf_pkcs12_iterationCount,
+      { "iterationCount", "pkcs12.iterationCount",
+        FT_INT32, BASE_DEC, NULL, 0,
+        "pkcs12.INTEGER", HFILL }},
+    { &hf_pkcs12_saltChoice,
+      { "salt", "pkcs12.salt",
+        FT_UINT32, BASE_DEC, VALS(pkcs12_T_saltChoice_vals), 0,
+        "pkcs12.T_saltChoice", HFILL }},
+    { &hf_pkcs12_specified,
+      { "specified", "pkcs12.specified",
+        FT_BYTES, BASE_HEX, NULL, 0,
+        "pkcs12.OCTET_STRING", HFILL }},
+    { &hf_pkcs12_otherSource,
+      { "otherSource", "pkcs12.otherSource",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "x509af.AlgorithmIdentifier", HFILL }},
+    { &hf_pkcs12_keyLength,
+      { "keyLength", "pkcs12.keyLength",
+        FT_UINT32, BASE_DEC, NULL, 0,
+        "pkcs12.INTEGER_1_MAX", HFILL }},
+    { &hf_pkcs12_prf,
+      { "prf", "pkcs12.prf",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "x509af.AlgorithmIdentifier", HFILL }},
+    { &hf_pkcs12_keyDerivationFunc,
+      { "keyDerivationFunc", "pkcs12.keyDerivationFunc",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "x509af.AlgorithmIdentifier", HFILL }},
+    { &hf_pkcs12_encryptionScheme,
+      { "encryptionScheme", "pkcs12.encryptionScheme",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "x509af.AlgorithmIdentifier", HFILL }},
+    { &hf_pkcs12_messageAuthScheme,
+      { "messageAuthScheme", "pkcs12.messageAuthScheme",
+        FT_NONE, BASE_NONE, NULL, 0,
+        "x509af.AlgorithmIdentifier", HFILL }},
+
+/*--- End of included file: packet-pkcs12-hfarr.c ---*/
+#line 134 "packet-pkcs12-template.c"
+  };
+
+  /* List of subtrees */
+  static gint *ett[] = {
+
+/*--- Included file: packet-pkcs12-ettarr.c ---*/
+#line 1 "packet-pkcs12-ettarr.c"
+    &ett_pkcs12_PFX,
+    &ett_pkcs12_MacData,
+    &ett_pkcs12_DigestInfo,
+    &ett_pkcs12_AuthenticatedSafe,
+    &ett_pkcs12_SafeContents,
+    &ett_pkcs12_SafeBag,
+    &ett_pkcs12_SET_OF_PKCS12Attribute,
+    &ett_pkcs12_CertBag,
+    &ett_pkcs12_CRLBag,
+    &ett_pkcs12_SecretBag,
+    &ett_pkcs12_PKCS12Attribute,
+    &ett_pkcs12_T_attrValues,
+    &ett_pkcs12_PrivateKeyInfo,
+    &ett_pkcs12_Attributes,
+    &ett_pkcs12_EncryptedPrivateKeyInfo,
+    &ett_pkcs12_PBEParameter,
+    &ett_pkcs12_PBKDF2Params,
+    &ett_pkcs12_T_saltChoice,
+    &ett_pkcs12_PBES2Params,
+    &ett_pkcs12_PBMAC1Params,
+
+/*--- End of included file: packet-pkcs12-ettarr.c ---*/
+#line 139 "packet-pkcs12-template.c"
+  };
+
+  /* Register protocol */
+  proto_pkcs12 = proto_register_protocol(PNAME, PSNAME, PFNAME);
+
+  /* Register fields and subtrees */
+  proto_register_field_array(proto_pkcs12, hf, array_length(hf));
+  proto_register_subtree_array(ett, array_length(ett));
+
+  register_ber_syntax_dissector("PKCS#12", proto_pkcs12, dissect_PFX_PDU); 
+  register_ber_oid_syntax(".p12", NULL, "PKCS#12");
+  register_ber_oid_syntax(".pfx", NULL, "PKCS#12");
+}
+
+
+/*--- proto_reg_handoff_pkcs12 -------------------------------------------*/
+void proto_reg_handoff_pkcs12(void) {
+
+/*--- Included file: packet-pkcs12-dis-tab.c ---*/
+#line 1 "packet-pkcs12-dis-tab.c"
+  register_ber_oid_dissector("1.2.840.113549.1.12.10.1.1", dissect_KeyBag_PDU, proto_pkcs12, "keyBag");
+  register_ber_oid_dissector("1.2.840.113549.1.12.10.1.2", dissect_PKCS8ShroudedKeyBag_PDU, proto_pkcs12, "pkcs8ShroudedKeyBag");
+  register_ber_oid_dissector("1.2.840.113549.1.12.10.1.3", dissect_CertBag_PDU, proto_pkcs12, "certBag");
+  register_ber_oid_dissector("1.2.840.113549.1.12.10.1.4", dissect_SecretBag_PDU, proto_pkcs12, "secretBag");
+  register_ber_oid_dissector("1.2.840.113549.1.12.10.1.5", dissect_CRLBag_PDU, proto_pkcs12, "crlBag");
+  register_ber_oid_dissector("1.2.840.113549.1.12.10.1.6", dissect_SafeContents_PDU, proto_pkcs12, "safeContentsBag");
+  register_ber_oid_dissector("2.16.840.1.113730.3.1.216", dissect_PFX_PDU, proto_pkcs12, "pkcs-9-at-PKCS12");
+  register_ber_oid_dissector("1.2.840.113549.1.9.25.2", dissect_EncryptedPrivateKeyInfo_PDU, proto_pkcs12, "pkcs-9-at-encryptedPrivateKeyInfo");
+  register_ber_oid_dissector("1.2.840.113549.1.12.1.1", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHAAnd128BitRC4");
+  register_ber_oid_dissector("1.2.840.113549.1.12.1.2", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHAAnd40BitRC4");
+  register_ber_oid_dissector("1.2.840.113549.1.12.1.3", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHAAnd3-KeyTripleDES-CBC");
+  register_ber_oid_dissector("1.2.840.113549.1.12.1.4", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHAAnd2-KeyTripleDES-CBC");
+  register_ber_oid_dissector("1.2.840.113549.1.12.1.5", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHAAnd128BitRC2-CBC");
+  register_ber_oid_dissector("1.2.840.113549.1.12.1.6", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHAAnd128BitRC2-CBC");
+  register_ber_oid_dissector("1.2.840.113549.1.5.1", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithMD2AndDES-CBC");
+  register_ber_oid_dissector("1.2.840.113549.1.5.3", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithMD5AndDES-CBC");
+  register_ber_oid_dissector("1.2.840.113549.1.5.4", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithMD2AndRC2-CBC");
+  register_ber_oid_dissector("1.2.840.113549.1.5.6", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithMD5AndRC2-CBC");
+  register_ber_oid_dissector("1.2.840.113549.1.5.10", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHA1AndDES-CBC");
+  register_ber_oid_dissector("1.2.840.113549.1.5.11", dissect_PBEParameter_PDU, proto_pkcs12, "pbeWithSHA1AndRC2-CBC");
+  register_ber_oid_dissector("1.2.840.113549.1.5.12", dissect_PBKDF2Params_PDU, proto_pkcs12, "id-PBKDF2");
+  register_ber_oid_dissector("1.2.840.113549.1.5.13", dissect_PBES2Params_PDU, proto_pkcs12, "id-PBES2");
+  register_ber_oid_dissector("1.2.840.113549.1.5.14", dissect_PBMAC1Params_PDU, proto_pkcs12, "id-PBMAC1");
+
+
+/*--- End of included file: packet-pkcs12-dis-tab.c ---*/
+#line 157 "packet-pkcs12-template.c"
+
+}
+

diff --git a/epan/dissectors/packet-pkcs12.h b/epan/dissectors/packet-pkcs12.h
new file mode 100644 (file)
index 0000000..ff0bb9d
--- /dev/null
+++ b/epan/dissectors/packet-pkcs12.h
@@ -0,0 +1,38 @@
+/* Do not modify this file.                                                   */
+/* It is created automatically by the ASN.1 to Wireshark dissector compiler   */
+/* ./packet-pkcs12.h                                                          */
+/* ../../tools/asn2wrs.py -b -e -p pkcs12 -c pkcs12.cnf -s packet-pkcs12-template pkcs12.asn */
+
+/* Input file: packet-pkcs12-template.h */
+
+#line 1 "packet-pkcs12-template.h"
+/* packet-pkcs12.h
+ * Routines for PKCS#12 Personal Information Exchange packet dissection
+ * Graeme Lunt 2006
+ *
+ * $Id$
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#ifndef PACKET_PKCS12_H
+#define PACKET_PKCS12_H
+
+#endif  /* PACKET_PKCS12_H */
+

diff --git a/epan/dissectors/packet-x509sat.c b/epan/dissectors/packet-x509sat.c
index 587b7a1d72177a9040923509619f4ade8853e9f6..77d7748fd89c92957ca3d229229ecdf3c94cafa1 100644 (file)
--- a/epan/dissectors/packet-x509sat.c
+++ b/epan/dissectors/packet-x509sat.c
@@ -1,6 +1,6 @@
 /* Do not modify this file.                                                   */
 /* It is created automatically by the ASN.1 to Wireshark dissector compiler   */
-/* .\packet-x509sat.c                                                         */
+/* ./packet-x509sat.c                                                         */
 /* ../../tools/asn2wrs.py -b -e -p x509sat -c x509sat.cnf -s packet-x509sat-template SelectedAttributeTypes.asn */
 
 /* Input file: packet-x509sat-template.c */
@@ -2897,6 +2897,19 @@ void proto_reg_handoff_x509sat(void) {
   register_ber_oid_dissector("2.16.840.1.101.2.2.1.143", dissect_DirectoryString_PDU, proto_x509sat, "id-at-adminConversion");
   register_ber_oid_dissector("2.16.840.1.101.2.2.1.144", dissect_SyntaxPrintableString_PDU, proto_x509sat, "id-at-tCCG");
   register_ber_oid_dissector("2.16.840.1.101.2.2.1.145", dissect_DirectoryString_PDU, proto_x509sat, "id-at-usdConversion");
+  register_ber_oid_dissector("1.2.840.113549.1.9.1", dissect_SyntaxIA5String_PDU, proto_x509sat, "pkcs-9-at-emailAddress");
+  register_ber_oid_dissector("1.2.840.113549.1.9.7", dissect_DirectoryString_PDU, proto_x509sat, "pkcs-9-at-challengePassword");
+  register_ber_oid_dissector("1.2.840.113549.1.9.8", dissect_DirectoryString_PDU, proto_x509sat, "pkcs-9-at-unstructuredAddress");
+  register_ber_oid_dissector("1.2.840.113549.1.9.13", dissect_DirectoryString_PDU, proto_x509sat, "pkcs-9-at-signingDescription");
+  register_ber_oid_dissector("1.2.840.113549.1.9.20", dissect_SyntaxBMPString_PDU, proto_x509sat, "pkcs-9-at-friendlyName");
+  register_ber_oid_dissector("1.2.840.113549.1.9.21", dissect_OctetString_PDU, proto_x509sat, "pkcs-9-at-localKeyId");
+  register_ber_oid_dissector("1.2.840.113549.1.9.25.3", dissect_OctetString_PDU, proto_x509sat, "pkcs-9-at-randomNonce");
+  register_ber_oid_dissector("1.2.840.113549.1.9.25.4", dissect_Integer_PDU, proto_x509sat, "pkcs-9-at-sequenceNumber");
+  register_ber_oid_dissector("1.3.6.1.5.5.7.9.1", dissect_SyntaxGeneralizedTime_PDU, proto_x509sat, "pkcs-9-at-dateOfBirth");
+  register_ber_oid_dissector("1.3.6.1.5.5.7.9.2", dissect_DirectoryString_PDU, proto_x509sat, "pkcs-9-at-placeOfBirth");
+  register_ber_oid_dissector("1.3.6.1.5.5.7.9.3", dissect_SyntaxPrintableString_PDU, proto_x509sat, "pkcs-9-at-gender");
+  register_ber_oid_dissector("1.3.6.1.5.5.7.9.4", dissect_SyntaxPrintableString_PDU, proto_x509sat, "pkcs-9-at-countryOfCitizenship");
+  register_ber_oid_dissector("1.3.6.1.5.5.7.9.5", dissect_SyntaxPrintableString_PDU, proto_x509sat, "pkcs-9-at-countryOfResidence");
 
 
 /*--- End of included file: packet-x509sat-dis-tab.c ---*/

diff --git a/epan/dissectors/packet-x509sat.h b/epan/dissectors/packet-x509sat.h
index f32df5f418d5be0dd6943c4724b180f865e29582..69105c80ce2997971ffc8e957def05eea281ed4c 100644 (file)
--- a/epan/dissectors/packet-x509sat.h
+++ b/epan/dissectors/packet-x509sat.h
@@ -1,6 +1,6 @@
 /* Do not modify this file.                                                   */
 /* It is created automatically by the ASN.1 to Wireshark dissector compiler   */
-/* .\packet-x509sat.h                                                         */
+/* ./packet-x509sat.h                                                         */
 /* ../../tools/asn2wrs.py -b -e -p x509sat -c x509sat.cnf -s packet-x509sat-template SelectedAttributeTypes.asn */
 
 /* Input file: packet-x509sat-template.h */