diff options
| author | Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> | 2004-07-19 08:57:29 +0000 |
|---|---|---|
| committer | Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> | 2004-07-19 08:57:29 +0000 |
| commit | 4f82d639f957f7badff9371be501e063f43d0628 (patch) | |
| tree | 882e0eadbe11ac050e11230da0886e96960343a2 /asn1 | |
| parent | e06409d0838068bbcd1dff0a9e6f218630ab4075 (diff) | |
| download | wireshark-4f82d639f957f7badff9371be501e063f43d0628.tar.gz wireshark-4f82d639f957f7badff9371be501e063f43d0628.tar.bz2 wireshark-4f82d639f957f7badff9371be501e063f43d0628.zip | |
Work in progress
New protocol X.509 Information framework
this new protocol is not yet linked with ethereal and needs extra massage before it can be used.
svn path=/trunk/; revision=11430
Diffstat (limited to 'asn1')
| -rw-r--r-- | asn1/x509if/InformationFramework.asn | 872 | ||||
| -rw-r--r-- | asn1/x509if/packet-x509if-template.c | 96 | ||||
| -rw-r--r-- | asn1/x509if/packet-x509if-template.h | 33 | ||||
| -rw-r--r-- | asn1/x509if/x509if.cnf | 21 | ||||
| -rw-r--r-- | asn1/x509if/x509if_exp.cnf | 7 |
5 files changed, 1029 insertions, 0 deletions
diff --git a/asn1/x509if/InformationFramework.asn b/asn1/x509if/InformationFramework.asn new file mode 100644 index 0000000000..bc6c537725 --- /dev/null +++ b/asn1/x509if/InformationFramework.asn @@ -0,0 +1,872 @@ +-- Module InformationFramework (X.501:08/1997) + +InformationFramework {joint-iso-itu-t ds(5) module(1) informationFramework(1) 3} DEFINITIONS ::= +BEGIN + +-- EXPORTS All - +-- The types and values defined in this module are exported for use in the other ASN.1 modules contained +-- within the Directory Specifications, and for the use of other applications which will use them to access +-- Directory services. Other applications may use them for their own purposes, but this will not constrain +-- extensions and modifications needed to maintain or improve the Directory service. +IMPORTS + id-oc, id-at, id-mr, id-oa, id-sc, id-ar, id-nf, selectedAttributeTypes, + directoryAbstractService, upperBounds + FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1) + usefulDefinitions(0) 3} + commonName, generalizedTimeMatch, generalizedTimeOrderingMatch, booleanMatch, + integerMatch, integerOrderingMatch, objectIdentifierFirstComponentMatch, + integerFirstComponentMatch, DirectoryString{} + FROM SelectedAttributeTypes selectedAttributeTypes + TypeAndContextAssertion, ServiceControlOptions, SearchControlOptions, + HierarchySelections, FamilyGrouping, FamilyReturn + FROM DirectoryAbstractService directoryAbstractService + ub-search + FROM UpperBounds upperBounds; + +AttributeId ::= OBJECT IDENTIFIER + +-- attribute data types +-- Attribute ::= SEQUENCE { +-- type AttributeId, +-- values +-- SET SIZE (0..MAX) OF ATTRIBUTE.&Type({SupportedAttributes}{@type}), +-- valuesWithContext +-- SET SIZE (1..MAX) OF +-- SEQUENCE {value ATTRIBUTE.&Type({SupportedAttributes}{@type}), +-- contextList SET SIZE (1..MAX) OF Context} OPTIONAL +-- } + +AttributeType ::= AttributeId + +-- AttributeValue ::= ATTRIBUTE.&Type +-- +-- Context ::= SEQUENCE { +-- contextType CONTEXT.&id({SupportedContexts}), +-- contextValues +-- SET SIZE (1..MAX) OF CONTEXT.&Type({SupportedContexts}{@contextType}), +-- fallback BOOLEAN DEFAULT FALSE +-- } +-- +-- AttributeValueAssertion ::= SEQUENCE { +-- type AttributeId, +-- assertion +-- ATTRIBUTE.&equality-match.&AssertionType({SupportedAttributes}{@type}), +-- assertedContexts +-- CHOICE {allContexts [0] NULL, +-- selectedContexts [1] SET SIZE (1..MAX) OF ContextAssertion +-- } OPTIONAL +-- } +-- +-- ContextAssertion ::= SEQUENCE { +-- contextType CONTEXT.&id({SupportedContexts}), +-- contextValues +-- SET SIZE (1..MAX) OF CONTEXT.&Assertion({SupportedContexts}{@contextType}) +-- } +-- +-- AttributeTypeAssertion ::= SEQUENCE { +-- type AttributeId, +-- assertedContexts SEQUENCE SIZE (1..MAX) OF ContextAssertion OPTIONAL +-- } +-- +-- Definition of the following information object set is deferred, perhaps to standardized +-- profiles or to protocol implementation conformance statements. The set is required to +-- specify a table constraint on the values component of Attribute, the value component +-- of AttributeTypeAndValue, and the assertion component of AttributeValueAssertion. +-- SupportedAttributes ATTRIBUTE ::= +-- {objectClass | aliasedEntryName, ...} +-- +-- Definition of the following information object set is deferred, perhaps to standardized +-- profiles or to protocol implementation conformance statements. The set is required to +-- specify a table constraint on the context specifications +-- SupportedContexts CONTEXT ::= +-- {...} +-- +-- naming data types +Name ::= CHOICE { + rdnSequence RDNSequence +} + +RDNSequence ::= SEQUENCE OF RelativeDistinguishedName + +DistinguishedName ::= RDNSequence + +RelativeDistinguishedName ::= + SET SIZE (1..MAX) OF AttributeTypeAndDistinguishedValue + +AttributeTypeAndDistinguishedValue ::= SEQUENCE { +-- type AttributeId, +-- value ATTRIBUTE.&Type({SupportedAttributes}{@type}), +-- primaryDistinguished BOOLEAN DEFAULT TRUE, +-- valuesWithContext +-- SET SIZE (1..MAX) OF +-- SEQUENCE {distingAttrValue +-- [0] ATTRIBUTE.&Type({SupportedAttributes}{@type}) OPTIONAL, +-- contextList SET SIZE (1..MAX) OF Context} OPTIONAL +} + +-- subtree data types +-- SubtreeSpecification ::= SEQUENCE { +-- base [0] LocalName DEFAULT {}, +-- COMPONENTS OF ChopSpecification, +-- specificationFilter [4] Refinement OPTIONAL +-- } +-- +-- empty sequence specifies whole administrative area +-- LocalName ::= RDNSequence +-- +-- ChopSpecification ::= SEQUENCE { +-- specificExclusions +-- [1] SET SIZE (1..MAX) OF +-- CHOICE {chopBefore [0] LocalName, +-- chopAfter [1] LocalName} OPTIONAL, +-- minimum [2] BaseDistance DEFAULT 0, +-- maximum [3] BaseDistance OPTIONAL +-- } +-- +-- BaseDistance ::= INTEGER(0..MAX) +-- +-- Refinement ::= CHOICE { +-- item [0] OBJECT-CLASS.&id, +-- and [1] SET OF Refinement, +-- or [2] SET OF Refinement, +-- not [3] Refinement +-- } +-- +-- OBJECT-CLASS information object class specification +-- OBJECT-CLASS ::= CLASS { +-- &Superclasses OBJECT-CLASS OPTIONAL, +-- &kind ObjectClassKind DEFAULT structural, +-- &MandatoryAttributes ATTRIBUTE OPTIONAL, +-- &OptionalAttributes ATTRIBUTE OPTIONAL, +-- &id OBJECT IDENTIFIER UNIQUE +-- } +-- WITH SYNTAX { +-- [SUBCLASS OF &Superclasses] +-- [KIND &kind] +-- [MUST CONTAIN &MandatoryAttributes] +-- [MAY CONTAIN &OptionalAttributes] +-- ID &id +-- } + +ObjectClassKind ::= ENUMERATED {abstract(0), structural(1), auxiliary(2)} + +-- object classes +-- top OBJECT-CLASS ::= { +-- KIND abstract +-- MUST CONTAIN {objectClass} +-- ID id-oc-top +-- } +-- +-- alias OBJECT-CLASS ::= { +-- SUBCLASS OF {top} +-- MUST CONTAIN {aliasedEntryName} +-- ID id-oc-alias +-- } +-- +-- parent OBJECT-CLASS ::= {KIND abstract +-- ID id-oc-parent +-- } +-- +-- child OBJECT-CLASS ::= {KIND auxiliary +-- ID id-oc-child +-- } +-- +-- ATTRIBUTE information object class specification +-- ATTRIBUTE ::= CLASS { +-- either &Type or &derivation required +-- &derivation ATTRIBUTE OPTIONAL, +-- &Type OPTIONAL, +-- &equality-match MATCHING-RULE OPTIONAL, +-- &ordering-match MATCHING-RULE OPTIONAL, +-- &substrings-match MATCHING-RULE OPTIONAL, +-- &single-valued BOOLEAN DEFAULT FALSE, +-- &collective BOOLEAN DEFAULT FALSE, +-- operational extensions +-- &no-user-modification BOOLEAN DEFAULT FALSE, +-- &usage AttributeUsage DEFAULT userApplications, +-- &id OBJECT IDENTIFIER UNIQUE +-- } +-- WITH SYNTAX { +-- [SUBTYPE OF &derivation] +-- [WITH SYNTAX &Type] +-- [EQUALITY MATCHING RULE &equality-match] +-- [ORDERING MATCHING RULE &ordering-match] +-- [SUBSTRINGS MATCHING RULE &substrings-match] +-- [SINGLE VALUE &single-valued] +-- [COLLECTIVE &collective] +-- [NO USER MODIFICATION &no-user-modification] +-- [USAGE &usage] +-- ID &id +-- } +-- +-- AttributeUsage ::= ENUMERATED { +-- userApplications(0), directoryOperation(1), distributedOperation(2), +-- dSAOperation(3)} +-- +-- attributes +-- objectClass ATTRIBUTE ::= { +-- WITH SYNTAX OBJECT IDENTIFIER +-- EQUALITY MATCHING RULE objectIdentifierMatch +-- ID id-at-objectClass +-- } +-- +-- aliasedEntryName ATTRIBUTE ::= { +-- WITH SYNTAX DistinguishedName +-- EQUALITY MATCHING RULE distinguishedNameMatch +-- SINGLE VALUE TRUE +-- ID id-at-aliasedEntryName +-- } +-- +-- MATCHING-RULE information object class specification +-- MATCHING-RULE ::= CLASS { +-- &ParentMatchingRules MATCHING-RULE.&id OPTIONAL, +-- &AssertionType OPTIONAL, +-- &uniqueMatchIndicator AttributeId OPTIONAL, +-- &id OBJECT IDENTIFIER UNIQUE +-- } +-- WITH SYNTAX { +-- [PARENT &ParentMatchingRules] +-- [SYNTAX &AssertionType] +-- [UNIQUE-MATCH-INDICATOR &uniqueMatchIndicator] +-- ID &id +-- } +-- +-- matching rules +-- objectIdentifierMatch MATCHING-RULE ::= { +-- SYNTAX OBJECT IDENTIFIER +-- ID id-mr-objectIdentifierMatch +-- } +-- +-- distinguishedNameMatch MATCHING-RULE ::= { +-- SYNTAX DistinguishedName +-- ID id-mr-distinguishedNameMatch +-- } +-- +-- MAPPING-BASED-MATCHING{SelectedBy, BOOLEAN:combinable, MappingResult, +-- OBJECT IDENTIFIER:matchingRule} ::= CLASS { +-- &selectBy SelectedBy OPTIONAL, +-- &ApplicableTo ATTRIBUTE, +-- &subtypesIncluded BOOLEAN DEFAULT TRUE, +-- &combinable BOOLEAN(combinable), +-- &mappingResults MappingResult OPTIONAL, +-- &userControl BOOLEAN DEFAULT FALSE, +-- &exclusive BOOLEAN DEFAULT TRUE, +-- &matching-rule MATCHING-RULE.&id(matchingRule), +-- &id OBJECT IDENTIFIER UNIQUE +-- } +-- WITH SYNTAX { +-- [SELECT BY &selectBy] +-- APPLICABLE TO &ApplicableTo +-- [SUBTYPES INCLUDED &subtypesIncluded] +-- COMBINABLE &combinable +-- [MAPPING RESULTS &mappingResults] +-- [USER CONTROL &userControl] +-- [EXCLUSIVE &exclusive] +-- MATCHING RULE &matching-rule +-- ID &id +-- } +-- +-- NAME-FORM information object class specification +-- NAME-FORM ::= CLASS { +-- &namedObjectClass OBJECT-CLASS, +-- &MandatoryAttributes ATTRIBUTE, +-- &OptionalAttributes ATTRIBUTE OPTIONAL, +-- &id OBJECT IDENTIFIER UNIQUE +-- } +-- WITH SYNTAX { +-- NAMES &namedObjectClass +-- WITH ATTRIBUTES &MandatoryAttributes +-- [AND OPTIONALLY &OptionalAttributes] +-- ID &id +-- } +-- +-- STRUCTURE-RULE class and DIT structure rule data types +-- STRUCTURE-RULE ::= CLASS { +-- &nameForm NAME-FORM, +-- &SuperiorStructureRules STRUCTURE-RULE OPTIONAL, +-- &id RuleIdentifier +-- } +-- WITH SYNTAX { +-- NAME FORM &nameForm +-- [SUPERIOR RULES &SuperiorStructureRules] +-- ID &id +-- } +-- +-- DITStructureRule ::= SEQUENCE { +-- ruleIdentifier RuleIdentifier, +-- must be unique within the scope of the subschema +-- nameForm NAME-FORM.&id, +-- superiorStructureRules SET SIZE (1..MAX) OF RuleIdentifier OPTIONAL +-- } +-- +-- RuleIdentifier ::= INTEGER +-- +-- CONTENT-RULE class and DIT content rule data types +-- CONTENT-RULE ::= CLASS { +-- &structuralClass OBJECT-CLASS.&id UNIQUE, +-- &Auxiliaries OBJECT-CLASS OPTIONAL, +-- &Mandatory ATTRIBUTE OPTIONAL, +-- &Optional ATTRIBUTE OPTIONAL, +-- &Precluded ATTRIBUTE OPTIONAL +-- } +-- WITH SYNTAX { +-- STRUCTURAL OBJECT-CLASS &structuralClass +-- [AUXILIARY OBJECT-CLASSES &Auxiliaries] +-- [MUST CONTAIN &Mandatory] +-- [MAY CONTAIN &Optional] +-- [MUST-NOT CONTAIN &Precluded] +-- } +-- +-- DITContentRule ::= SEQUENCE { +-- structuralObjectClass OBJECT-CLASS.&id, +-- auxiliaries SET SIZE (1..MAX) OF OBJECT-CLASS.&id OPTIONAL, +-- mandatory [1] SET SIZE (1..MAX) OF AttributeId OPTIONAL, +-- optional [2] SET SIZE (1..MAX) OF AttributeId OPTIONAL, +-- precluded [3] SET SIZE (1..MAX) OF AttributeId OPTIONAL +-- } +-- +-- CONTEXT ::= CLASS { +-- &Type , +-- &Assertion OPTIONAL, +-- &id OBJECT IDENTIFIER UNIQUE +-- }WITH SYNTAX {WITH SYNTAX &Type +-- [ASSERTED AS &Assertion] +-- ID &id +-- } +-- +-- DITContextUse ::= SEQUENCE { +-- attributeType AttributeId, +-- mandatoryContexts [1] SET SIZE (1..MAX) OF CONTEXT.&id OPTIONAL, +-- optionalContexts [2] SET SIZE (1..MAX) OF CONTEXT.&id OPTIONAL +-- } +-- +-- DIT-CONTEXT-USE-RULE ::= CLASS { +-- &attributeType AttributeId UNIQUE, +-- &Mandatory CONTEXT OPTIONAL, +-- &Optional CONTEXT OPTIONAL +-- } +-- WITH SYNTAX { +-- ATTRIBUTE TYPE &attributeType +-- [MANDATORY CONTEXTS &Mandatory] +-- [OPTIONAL CONTEXTS &Optional] +-- } +-- +-- system schema information objects +-- object classes +-- subentry OBJECT-CLASS ::= { +-- SUBCLASS OF {top} +-- KIND structural +-- MUST CONTAIN {commonName | subtreeSpecification} +-- ID id-sc-subentry +-- } +-- +-- subentryNameForm NAME-FORM ::= { +-- NAMES subentry +-- WITH ATTRIBUTES {commonName} +-- ID id-nf-subentryNameForm +-- } +-- +-- accessControlSubentry OBJECT-CLASS ::= { +-- KIND auxiliary +-- ID id-sc-accessControlSubentry +-- } +-- +-- collectiveAttributeSubentry OBJECT-CLASS ::= { +-- KIND auxiliary +-- ID id-sc-collectiveAttributeSubentry +-- } +-- +-- contextAssertionSubentry OBJECT-CLASS ::= { +-- KIND auxiliary +-- MUST CONTAIN {contextAssertionDefaults} +-- ID id-sc-contextAssertionSubentry +-- } +-- +-- serviceAdminSubentry OBJECT-CLASS ::= { +-- KIND auxiliary +-- MUST CONTAIN {searchRules} +-- ID id-sc-serviceAdminSubentry +-- } +-- +-- attributes +-- createTimestamp ATTRIBUTE ::= { +-- WITH SYNTAX GeneralizedTime +-- as per 41.3 b) or c) of ITU-T Rec. X.680 | ISO/IEC 8824-1 +-- EQUALITY MATCHING RULE generalizedTimeMatch +-- ORDERING MATCHING RULE generalizedTimeOrderingMatch +-- SINGLE VALUE TRUE +-- NO USER MODIFICATION TRUE +-- USAGE directoryOperation +-- ID id-oa-createTimestamp +-- } +-- +-- modifyTimestamp ATTRIBUTE ::= { +-- WITH SYNTAX GeneralizedTime +-- as per 41.3 b) or c) of ITU-T Rec. X.680 | ISO/IEC 8824-1 +-- EQUALITY MATCHING RULE generalizedTimeMatch +-- ORDERING MATCHING RULE generalizedTimeOrderingMatch +-- SINGLE VALUE TRUE +-- NO USER MODIFICATION TRUE +-- USAGE directoryOperation +-- ID id-oa-modifyTimestamp +-- } +-- +-- subschemaTimestamp ATTRIBUTE ::= { +-- WITH SYNTAX GeneralizedTime +-- as per 41.3 b) or c) of ITU-T Rec.X. 680 | ISO/IEC 8824-1 +-- EQUALITY MATCHING RULE generalizedTimeMatch +-- ORDERING MATCHING RULE generalizedTimeOrderingMatch +-- SINGLE VALUE TRUE +-- NO USER MODIFICATION TRUE +-- USAGE directoryOperation +-- ID id-oa-subschemaTimestamp +-- } +-- +-- creatorsName ATTRIBUTE ::= { +-- WITH SYNTAX DistinguishedName +-- EQUALITY MATCHING RULE distinguishedNameMatch +-- SINGLE VALUE TRUE +-- NO USER MODIFICATION TRUE +-- USAGE directoryOperation +-- ID id-oa-creatorsName +-- } +-- +-- modifiersName ATTRIBUTE ::= { +-- WITH SYNTAX DistinguishedName +-- EQUALITY MATCHING RULE distinguishedNameMatch +-- SINGLE VALUE TRUE +-- NO USER MODIFICATION TRUE +-- USAGE directoryOperation +-- ID id-oa-modifiersName +-- } +-- +-- subschemaSubentryList ATTRIBUTE ::= { +-- WITH SYNTAX DistinguishedName +-- EQUALITY MATCHING RULE distinguishedNameMatch +-- SINGLE VALUE TRUE +-- NO USER MODIFICATION TRUE +-- USAGE directoryOperation +-- ID id-oa-subschemaSubentryList +-- } +-- +-- accessControlSubentryList ATTRIBUTE ::= { +-- WITH SYNTAX DistinguishedName +-- EQUALITY MATCHING RULE distinguishedNameMatch +-- NO USER MODIFICATION TRUE +-- USAGE directoryOperation +-- ID id-oa-accessControlSubentryList +-- } +-- +-- collectiveAttributeSubentryList ATTRIBUTE ::= { +-- WITH SYNTAX DistinguishedName +-- EQUALITY MATCHING RULE distinguishedNameMatch +-- NO USER MODIFICATION TRUE +-- USAGE directoryOperation +-- ID id-oa-collectiveAttributeSubentryList +-- } +-- +-- contextDefaultSubentryList ATTRIBUTE ::= { +-- WITH SYNTAX DistinguishedName +-- EQUALITY MATCHING RULE distinguishedNameMatch +-- NO USER MODIFICATION TRUE +-- USAGE directoryOperation +-- ID id-oa-contextDefaultSubentryList +-- } +-- +-- serviceAdminSubentryList ATTRIBUTE ::= { +-- WITH SYNTAX DistinguishedName +-- EQUALITY MATCHING RULE distinguishedNameMatch +-- NO USER MODIFICATION TRUE +-- USAGE directoryOperation +-- ID id-oa-serviceAdminSubentryList +-- } +-- +-- hasSubordinates ATTRIBUTE ::= { +-- WITH SYNTAX BOOLEAN +-- EQUALITY MATCHING RULE booleanMatch +-- SINGLE VALUE TRUE +-- NO USER MODIFICATION TRUE +-- USAGE directoryOperation +-- ID id-oa-hasSubordinates +-- } +-- +-- administrativeRole ATTRIBUTE ::= { +-- WITH SYNTAX OBJECT-CLASS.&id +-- EQUALITY MATCHING RULE objectIdentifierMatch +-- USAGE directoryOperation +-- ID id-oa-administrativeRole +-- } +-- +-- subtreeSpecification ATTRIBUTE ::= { +-- WITH SYNTAX SubtreeSpecification +-- USAGE directoryOperation +-- ID id-oa-subtreeSpecification +-- } +-- +-- collectiveExclusions ATTRIBUTE ::= { +-- WITH SYNTAX OBJECT IDENTIFIER +-- EQUALITY MATCHING RULE objectIdentifierMatch +-- USAGE directoryOperation +-- ID id-oa-collectiveExclusions +-- } +-- +-- contextAssertionDefaults ATTRIBUTE ::= { +-- WITH SYNTAX TypeAndContextAssertion +-- EQUALITY MATCHING RULE objectIdentifierFirstComponentMatch +-- USAGE directoryOperation +-- ID id-oa-contextAssertionDefault +-- } +-- +-- searchRules ATTRIBUTE ::= { +-- WITH SYNTAX SearchRuleDescription +-- EQUALITY MATCHING RULE integerFirstComponentMatch +-- USAGE directoryOperation +-- ID id-oa-searchRules +-- } +-- +-- SearchRuleDescription ::= SEQUENCE { +-- COMPONENTS OF SearchRule, +-- name [28] SET SIZE (1..MAX) OF DirectoryString{ub-search} OPTIONAL, +-- description [29] DirectoryString{ub-search} OPTIONAL, +-- obsolete [30] BOOLEAN DEFAULT FALSE +-- } +-- +-- hierarchyLevel ATTRIBUTE ::= { +-- WITH SYNTAX INTEGER +-- EQUALITY MATCHING RULE integerMatch +-- ORDERING MATCHING RULE integerOrderingMatch +-- SINGLE VALUE TRUE +-- NO USER MODIFICATION TRUE +-- USAGE directoryOperation +-- ID id-oa-hierarchyLevel +-- } +-- +-- hierarchyBelow ATTRIBUTE ::= { +-- WITH SYNTAX BOOLEAN +-- EQUALITY MATCHING RULE booleanMatch +-- SINGLE VALUE TRUE +-- NO USER MODIFICATION TRUE +-- USAGE directoryOperation +-- ID id-oa-hierarchyBelow +-- } +-- +-- hierarchyParent ATTRIBUTE ::= { +-- WITH SYNTAX DistinguishedName +-- EQUALITY MATCHING RULE distinguishedNameMatch +-- SINGLE VALUE TRUE +-- USAGE directoryOperation +-- ID id-oa-hierarchyParent +-- } +-- +-- SearchRule ::= SEQUENCE { +-- COMPONENTS OF SearchRuleId, +-- serviceType [1] OBJECT IDENTIFIER OPTIONAL, +-- userClass [2] INTEGER OPTIONAL, +-- inputAttributeTypes +-- [3] SEQUENCE SIZE (1..MAX) OF RequestAttribute OPTIONAL, +-- attributeCombination [4] AttributeCombination DEFAULT and:{}, +-- outputAttributeTypes [5] SEQUENCE SIZE (1..MAX) OF ResultAttribute OPTIONAL, +-- defaultControls [6] ControlOptions OPTIONAL, +-- mandatoryControls [7] ControlOptions OPTIONAL, +-- searchRuleControls [8] ControlOptions OPTIONAL, +-- familyGrouping [9] FamilyGrouping OPTIONAL, +-- familyReturn [10] FamilyReturn OPTIONAL, +-- relaxation [11] RelaxationPolicy OPTIONAL, +-- additionalControl [12] SEQUENCE SIZE (1..MAX) OF AttributeType OPTIONAL, +-- allowedSubset [13] AllowedSubset DEFAULT '111'B, +-- imposedSubset [14] ImposedSubset OPTIONAL, +-- entryLimit [15] EntryLimit OPTIONAL +-- } +-- +-- SearchRuleId ::= SEQUENCE {id INTEGER, +-- dmdId [0] OBJECT IDENTIFIER +-- } + +AllowedSubset ::= BIT STRING {baseObject(0), oneLevel(1), wholeSubtree(2)} + +ImposedSubset ::= ENUMERATED {baseObject(0), oneLevel(1), wholeSubtree(2)} + +-- RequestAttribute ::= SEQUENCE { +-- attributeType AttributeId, +-- includeSubtypes [0] BOOLEAN DEFAULT FALSE, +-- selectedValues +-- [1] SEQUENCE SIZE (0..MAX) OF +-- ATTRIBUTE.&Type({SupportedAttributes}{@attributeType}) OPTIONAL, +-- defaultValues +-- [2] SEQUENCE SIZE (0..MAX) OF +-- SEQUENCE {entryType OBJECT-CLASS.&id OPTIONAL, +-- values +-- SEQUENCE OF +-- ATTRIBUTE.&Type({SupportedAttributes}{@attributeType}) +-- } OPTIONAL, +-- contexts [3] SEQUENCE SIZE (0..MAX) OF ContextProfile OPTIONAL, +-- contextCombination [4] ContextCombination DEFAULT and:{}, +-- matchingUse [5] SEQUENCE SIZE (1..MAX) OF MatchingUse OPTIONAL +-- } +-- +-- ContextProfile ::= SEQUENCE { +-- contextType CONTEXT.&id({SupportedContexts}), +-- contextValue +-- SEQUENCE SIZE (1..MAX) OF +-- CONTEXT.&Assertion({SupportedContexts}{@contextType}) OPTIONAL +-- } +-- +-- ContextCombination ::= CHOICE { +-- context [0] CONTEXT.&id, +-- and [1] SEQUENCE OF ContextCombination, +-- or [2] SEQUENCE OF ContextCombination, +-- not [3] ContextCombination +-- } +-- +-- MatchingUse ::= SEQUENCE { +-- restrictionType MATCHING-RESTRICTION.&id({SupportedMatchingRestrictions}), +-- restrictionValue +-- MATCHING-RESTRICTION.&Restriction +-- ({SupportedMatchingRestrictions}{@restrictionType}) +-- } +-- +-- Definition of the following information object set is deferred, perhaps to standardized +-- profiles or to protocol implementation conformance statements. The set is required to +-- specify a table constraint on the components of SupportedMatchingRestrictions +-- SupportedMatchingRestrictions MATCHING-RESTRICTION ::= +-- {...} +-- +-- AttributeCombination ::= CHOICE { +-- attribute [0] AttributeType, +-- and [1] SEQUENCE OF AttributeCombination, +-- or [2] SEQUENCE OF AttributeCombination, +-- not [3] AttributeCombination +-- } +-- +-- ResultAttribute ::= SEQUENCE { +-- attributeType AttributeId, +-- outputValues +-- CHOICE {selectedValues +-- SEQUENCE SIZE (1..MAX) OF +-- ATTRIBUTE.&Type({SupportedAttributes}{@attributeType}), +-- matchedValuesOnly NULL} OPTIONAL, +-- contexts [0] SEQUENCE SIZE (1..MAX) OF ContextProfile OPTIONAL +-- } +-- +-- OutputValues ::= CHOICE { +-- selectedValues +-- SEQUENCE SIZE (1..MAX) OF ATTRIBUTE.&Type({SupportedAttributes}), +-- matchedValuesOnly NULL +-- } +-- +-- ControlOptions ::= SEQUENCE { +-- serviceControls [0] ServiceControlOptions DEFAULT {}, +-- searchOptions [1] SearchControlOptions DEFAULT {searchAliases}, +-- hierarchyOptions [2] HierarchySelections OPTIONAL +-- } +-- +-- EntryLimit ::= SEQUENCE {default INTEGER, +-- max INTEGER +-- } +-- +-- RelaxationPolicy ::= SEQUENCE { +-- basic [0] MRMapping DEFAULT {}, +-- tightenings [1] SEQUENCE SIZE (1..MAX) OF MRMapping OPTIONAL, +-- relaxations [2] SEQUENCE SIZE (1..MAX) OF MRMapping OPTIONAL, +-- maximum [3] INTEGER OPTIONAL, +-- mandatory if tightenings is present +-- minimum [4] INTEGER DEFAULT 1 +-- } +-- +-- MRMapping ::= SEQUENCE { +-- mapping [0] SEQUENCE SIZE (1..MAX) OF Mapping OPTIONAL, +-- substitution [1] SEQUENCE SIZE (1..MAX) OF MRSubstitution OPTIONAL +-- } +-- +-- Mapping ::= SEQUENCE { +-- mappingFunction +-- OBJECT IDENTIFIER +-- (CONSTRAINED BY { shall be an +-- +-- object identifier of a mapping-based matching algorithm }), +-- level INTEGER DEFAULT 0 +-- } +-- +-- MRSubstitution ::= SEQUENCE { +-- attribute AttributeType, +-- oldMatchingRule [0] MATCHING-RULE.&id OPTIONAL, +-- newMatchingRule [1] MATCHING-RULE.&id OPTIONAL +-- } +-- +-- SEARCH-RULE ::= CLASS { +-- &dmdId OBJECT IDENTIFIER, +-- &serviceType OBJECT IDENTIFIER OPTIONAL, +-- &userClass INTEGER OPTIONAL, +-- &InputAttributeTypes REQUEST-ATTRIBUTE OPTIONAL, +-- &combination AttributeCombination OPTIONAL, +-- &OutputAttributeTypes RESULT-ATTRIBUTE OPTIONAL, +-- &defaultControls ControlOptions OPTIONAL, +-- &mandatoryControls ControlOptions OPTIONAL, +-- &searchRuleControls ControlOptions OPTIONAL, +-- &familyGrouping FamilyGrouping OPTIONAL, +-- &familyReturn FamilyReturn OPTIONAL, +-- &additionalControl AttributeType OPTIONAL, +-- &relaxation RelaxationPolicy OPTIONAL, +-- &entryLimit EntryLimit OPTIONAL, +-- &allowedSubset AllowedSubset DEFAULT '111'B, +-- &imposedSubset ImposedSubset OPTIONAL, +-- &id INTEGER UNIQUE +-- } +-- WITH SYNTAX { +-- DMD ID &dmdId +-- [SERVICE-TYPE &serviceType] +-- [USER-CLASS &userClass] +-- [INPUT ATTRIBUTES &InputAttributeTypes] +-- [COMBINATION &combination] +-- [OUTPUT ATTRIBUTES &OutputAttributeTypes] +-- [DEFAULT CONTROL &defaultControls] +-- [MANDATORY CONTROL &mandatoryControls] +-- [SEARCH-RULE CONTROL &searchRuleControls] +-- [FAMILY-GROUPING &familyGrouping] +-- [FAMILY-RETURN &familyReturn] +-- [ADDITIONAL CONTROL &additionalControl] +-- [RELAXATION &relaxation] +-- [ALLOWED SUBSET &allowedSubset] +-- [IMPOSED SUBSET &imposedSubset] +-- [ENTRY LIMIT &entryLimit] +-- ID &id +-- } +-- +-- REQUEST-ATTRIBUTE ::= CLASS { +-- &attributeType AttributeId, +-- &SelectedValues ATTRIBUTE.&Type OPTIONAL, +-- &DefaultValues SEQUENCE {entryType OBJECT-CLASS.&id OPTIONAL, +-- values SEQUENCE OF ATTRIBUTE.&Type +-- } OPTIONAL, +-- &contexts SEQUENCE OF ContextProfile OPTIONAL, +-- &contextCombination ContextCombination OPTIONAL, +-- &MatchingUse MatchingUse OPTIONAL, +-- &includeSubtypes BOOLEAN DEFAULT FALSE +-- } +-- WITH SYNTAX { +-- ATTRIBUTE TYPE &attributeType +-- [SELECTED VALUES &SelectedValues] +-- [DEFAULT VALUES &DefaultValues] +-- [CONTEXTS &contexts] +-- [CONTEXT COMBINATION &contextCombination] +-- [MATCHING USE &MatchingUse] +-- [INCLUDE SUBTYPES &includeSubtypes] +-- } +-- +-- RESULT-ATTRIBUTE ::= CLASS { +-- &attributeType AttributeId, +-- &outputValues OutputValues OPTIONAL, +-- &contexts ContextProfile OPTIONAL +-- } +-- WITH SYNTAX { +-- ATTRIBUTE TYPE &attributeType +-- [OUTPUT VALUES &outputValues] +-- [CONTEXTS &contexts] +-- } +-- +-- MATCHING-RESTRICTION ::= CLASS { +-- &Restriction , +-- &Rules MATCHING-RULE.&id, +-- &id OBJECT IDENTIFIER UNIQUE +-- }WITH SYNTAX {RESTRICTION &Restriction +-- RULES &Rules +-- ID &id +-- } +-- +-- object identifier assignments +-- object classes +-- id-oc-top OBJECT IDENTIFIER ::= +-- {id-oc 0} +-- +-- id-oc-alias OBJECT IDENTIFIER ::= {id-oc 1} +-- +-- id-oc-parent OBJECT IDENTIFIER ::= {id-oc 28} +-- +-- id-oc-child OBJECT IDENTIFIER ::= {id-oc 29} +-- +-- attributes +-- id-at-objectClass OBJECT IDENTIFIER ::= {id-at 0} +-- +-- id-at-aliasedEntryName OBJECT IDENTIFIER ::= {id-at 1} +-- +-- matching rules +-- id-mr-objectIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 0} +-- +-- id-mr-distinguishedNameMatch OBJECT IDENTIFIER ::= {id-mr 1} +-- +-- operational attributes +-- id-oa-excludeAllCollectiveAttributes OBJECT IDENTIFIER ::= +-- {id-oa 0} +-- +-- id-oa-createTimestamp OBJECT IDENTIFIER ::= {id-oa 1} +-- +-- id-oa-modifyTimestamp OBJECT IDENTIFIER ::= {id-oa 2} +-- +-- id-oa-creatorsName OBJECT IDENTIFIER ::= {id-oa 3} +-- +-- id-oa-modifiersName OBJECT IDENTIFIER ::= {id-oa 4} +-- +-- id-oa-administrativeRole OBJECT IDENTIFIER ::= {id-oa 5} +-- +-- id-oa-subtreeSpecification OBJECT IDENTIFIER ::= {id-oa 6} +-- +-- id-oa-collectiveExclusions OBJECT IDENTIFIER ::= {id-oa 7} +-- +-- id-oa-subschemaTimestamp OBJECT IDENTIFIER ::= {id-oa 8} +-- +-- id-oa-hasSubordinates OBJECT IDENTIFIER ::= {id-oa 9} +-- +-- id-oa-subschemaSubentryList OBJECT IDENTIFIER ::= {id-oa 10} +-- +-- id-oa-accessControlSubentryList OBJECT IDENTIFIER ::= {id-oa 11} +-- +-- id-oa-collectiveAttributeSubentryList OBJECT IDENTIFIER ::= {id-oa 12} +-- +-- id-oa-contextDefaultSubentryList OBJECT IDENTIFIER ::= {id-oa 13} +-- +-- id-oa-contextAssertionDefault OBJECT IDENTIFIER ::= {id-oa 14} +-- +-- id-oa-serviceAdminSubentryList OBJECT IDENTIFIER ::= {id-oa 15} +-- +-- id-oa-searchRules OBJECT IDENTIFIER ::= {id-oa 16} +-- +-- id-oa-hierarchyLevel OBJECT IDENTIFIER ::= {id-oa 17} +-- +-- id-oa-hierarchyBelow OBJECT IDENTIFIER ::= {id-oa 18} +-- +-- id-oa-hierarchyParent OBJECT IDENTIFIER ::= {id-oa 19} +-- +-- subentry classes +-- id-sc-subentry OBJECT IDENTIFIER ::= {id-sc 0} +-- +-- id-sc-accessControlSubentry OBJECT IDENTIFIER ::= {id-sc 1} +-- +-- id-sc-collectiveAttributeSubentry OBJECT IDENTIFIER ::= {id-sc 2} +-- +-- id-sc-contextAssertionSubentry OBJECT IDENTIFIER ::= {id-sc 3} +-- +-- id-sc-serviceAdminSubentry OBJECT IDENTIFIER ::= {id-sc 4} +-- +-- Name forms +-- id-nf-subentryNameForm OBJECT IDENTIFIER ::= {id-nf 16} +-- +-- administrative roles +-- id-ar-autonomousArea OBJECT IDENTIFIER ::= {id-ar 1} +-- +-- id-ar-accessControlSpecificArea OBJECT IDENTIFIER ::= {id-ar 2} +-- +-- id-ar-accessControlInnerArea OBJECT IDENTIFIER ::= {id-ar 3} +-- +-- id-ar-subschemaAdminSpecificArea OBJECT IDENTIFIER ::= {id-ar 4} +-- +-- id-ar-collectiveAttributeSpecificArea OBJECT IDENTIFIER ::= {id-ar 5} +-- +-- id-ar-collectiveAttributeInnerArea OBJECT IDENTIFIER ::= {id-ar 6} +-- +-- id-ar-contextDefaultSpecificArea OBJECT IDENTIFIER ::= {id-ar 7} +-- +-- id-ar-serviceSpecificArea OBJECT IDENTIFIER ::= {id-ar 8} + +END -- InformationFramework + +-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D diff --git a/asn1/x509if/packet-x509if-template.c b/asn1/x509if/packet-x509if-template.c new file mode 100644 index 0000000000..03921bba51 --- /dev/null +++ b/asn1/x509if/packet-x509if-template.c @@ -0,0 +1,96 @@ +/* packet-x509if.c + * Routines for X.509 Information Framework packet dissection + * + * $Id: packet-x509if-template.c,v 1.2 2004/05/25 21:07:43 guy Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@ethereal.com> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#include <glib.h> +#include <epan/packet.h> +#include <epan/conversation.h> + +#include <stdio.h> +#include <string.h> + +#include "packet-ber.h" +#include "packet-x509if.h" + +#define PNAME "X.509 Information Framework" +#define PSNAME "X509IF" +#define PFNAME "x509if" + +/* Initialize the protocol and registered fields */ +int proto_x509if = -1; +#include "packet-x509if-hf.c" + +/* Initialize the subtree pointers */ +static gint ett_x509if_Attribute = -1; +#include "packet-x509if-ett.c" + +static ber_sequence Attribute_sequence[] = { + /* { BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_hf_x509if_type },*/ + /*XXX missing stuff here */ + { 0, 0, 0, NULL } +}; + +int +dissect_x509if_Attribute(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index) { + offset = dissect_ber_sequence(implicit_tag, pinfo, tree, tvb, offset, + Attribute_sequence, hf_index, ett_x509if_Attribute); + + return offset; +} + + +#include "packet-x509if-fn.c" + + +/*--- proto_register_x509if ----------------------------------------------*/ +void proto_register_x509if(void) { + + /* List of fields */ + static hf_register_info hf[] = { +#include "packet-x509if-hfarr.c" + }; + + /* List of subtrees */ + static gint *ett[] = { + &ett_x509if_Attribute, +#include "packet-x509if-ettarr.c" + }; + + /* Register protocol */ + proto_x509if = proto_register_protocol(PNAME, PSNAME, PFNAME); + + /* Register fields and subtrees */ + proto_register_field_array(proto_x509if, hf, array_length(hf)); + proto_register_subtree_array(ett, array_length(ett)); + +} + + +/*--- proto_reg_handoff_x509if -------------------------------------------*/ +void proto_reg_handoff_x509if(void) { +} + diff --git a/asn1/x509if/packet-x509if-template.h b/asn1/x509if/packet-x509if-template.h new file mode 100644 index 0000000000..3ec1866b2a --- /dev/null +++ b/asn1/x509if/packet-x509if-template.h @@ -0,0 +1,33 @@ +/* packet-x509if.h + * Routines for X.509 Information Framework packet dissection + * + * $Id: packet-x509if-template.h,v 1.1 2004/05/24 08:42:29 sahlberg Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@ethereal.com> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifndef PACKET_X509IF_H +#define PACKET_X509IF_H + +#include "packet-x509if-exp.h" + +int dissect_x509if_Attribute(gboolean implicit_tag, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, int hf_index); + +#endif /* PACKET_X509IF_H */ + diff --git a/asn1/x509if/x509if.cnf b/asn1/x509if/x509if.cnf new file mode 100644 index 0000000000..440477a16b --- /dev/null +++ b/asn1/x509if/x509if.cnf @@ -0,0 +1,21 @@ +# x509if.cnf
+# X509IF conformation file
+
+# $Id: x509if.cnf,v 1.2 2004/06/03 08:35:44 guy Exp $
+
+#.MODULE_IMPORT
+
+#.EXPORTS
+
+AttributeType
+Name
+
+#.NO_EMIT
+
+#.TYPE_RENAME
+
+#.FIELD_RENAME
+
+#.END
+
+
diff --git a/asn1/x509if/x509if_exp.cnf b/asn1/x509if/x509if_exp.cnf new file mode 100644 index 0000000000..48e3a81777 --- /dev/null +++ b/asn1/x509if/x509if_exp.cnf @@ -0,0 +1,7 @@ +
+#.IMPORT_TAG
+GeneralNames BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
+Name BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
+UniqueIdentifier BER_CLASS_UNI BER_UNI_TAG_BITSTRING
+Attribute BER_CLASS_UNI BER_UNI_TAG_SEQUENCE
+
|