diff options
author | Peter Wu <peter@lekensteyn.nl> | 2015-09-15 23:24:26 +0200 |
---|---|---|
committer | Michael Mann <mmann78@netscape.net> | 2015-10-18 03:30:21 +0000 |
commit | 317af2c68ce1db0599fb0082cf454a451ff74c20 (patch) | |
tree | 6abe0d7fab3d0483f43acdfc78fe7673d06f2703 /asn1/x509af | |
parent | 48d46e67fd7938262df658c0b459e2e926faa9ab (diff) |
x509af: dissect subjectPublicKey for RSA
The subjectPublicKey field of a Certificate (TBSCertificate) is defined
as type BIT STRING. The actual contents depend on the Algorithm
Identifier which is preceding the subjectPublicKey field.
This patch adds support for dissection of the public key for RSA
public keys which show up below the subjectPublicKey tree:
subjectPublicKeyInfo
algorithm (rsaEncryption)
Algorithm Id: 1.2.840.113549.1.1.1 (rsaEncryption)
subjectPublicKey: 3082010a0282010100b7c769e2d0eacaeb929fc08238a9ff...
modulus : 0x00b7c769e2d0eacaeb929fc08238a9ffc59cab39c28a2e26...
publicExponent: 65537
Change-Id: Ib92645433b0a0078a947ff0ac26c5e6a64877b93
Reviewed-on: https://code.wireshark.org/review/10967
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Diffstat (limited to 'asn1/x509af')
-rw-r--r-- | asn1/x509af/packet-x509af-template.c | 1 | ||||
-rw-r--r-- | asn1/x509af/x509af.cnf | 26 |
2 files changed, 27 insertions, 0 deletions
diff --git a/asn1/x509af/packet-x509af-template.c b/asn1/x509af/packet-x509af-template.c index c6941421d2..5ce49b3312 100644 --- a/asn1/x509af/packet-x509af-template.c +++ b/asn1/x509af/packet-x509af-template.c @@ -33,6 +33,7 @@ #include "packet-x509if.h" #include "packet-x509sat.h" #include "packet-ldap.h" +#include "packet-pkcs1.h" #if defined(HAVE_LIBGNUTLS) #include <gnutls/gnutls.h> #endif diff --git a/asn1/x509af/x509af.cnf b/asn1/x509af/x509af.cnf index 5c98d6dbaf..8c299cef6d 100644 --- a/asn1/x509af/x509af.cnf +++ b/asn1/x509af/x509af.cnf @@ -87,6 +87,32 @@ CertificateList/signedCertificateList/revokedCertificates/_item/userCertificate x509af_export_publickey(tvb, actx, orig_offset, offset - orig_offset); #.END +#.FN_BODY SubjectPublicKeyInfo/subjectPublicKey + tvbuff_t *bs_tvb; +# proto_tree *subtree; + + dissect_ber_bitstring(FALSE, actx, NULL, tvb, offset, + NULL, -1, -1, &bs_tvb); + + /* See RFC 3279 for possible subjectPublicKey values given an Algorithm ID. + * The contents of subjectPublicKey are always explicitly tagged. */ + if (!strcmp(algorithm_id, "1.2.840.113549.1.1.1")) { /* id-rsa */ + offset += dissect_pkcs1_RSAPublicKey(FALSE, bs_tvb, 0, actx, tree, hf_index); + +# TODO: PKCS#1 only defines RSA; DH and DSA are from PKIX1Algorithms2008 +# } else if (!strcmp(algorithm_id, "1.2.840.10040.4.1")) { /* id-dsa */ +# subtree = proto_item_add_subtree(actx->created_item, ett_subjectpublickey); +# offset += dissect_DSAPublicKey(FALSE, bs_tvb, 0, actx, subtree, hf_dsa_y); +# +# } else if (!strcmp(algorithm_id, "1.2.840.10046.2.1")) { /* dhpublicnumber */ +# subtree = proto_item_add_subtree(actx->created_item, ett_subjectpublickey); +# offset += dissect_DHPublicKey(FALSE, bs_tvb, 0, actx, subtree, hf_dh_y); +# + } else { + offset = dissect_ber_bitstring(FALSE, actx, tree, tvb, offset, + NULL, hf_index, -1, NULL); + } + #.FN_PARS Extension/extnId FN_VARIANT = _str HF_INDEX = hf_x509af_extension_id VAL_PTR = &actx->external.direct_reference |