diff options
author | Martin Peylo <wireshark@izac.de> | 2018-11-12 19:46:09 +0200 |
---|---|---|
committer | Anders Broman <a.broman58@gmail.com> | 2018-11-13 07:47:55 +0000 |
commit | 684d4c11a2816f7868aba4a8f57744adb9988705 (patch) | |
tree | 80acb7d975c99cbfe541b3a3a79c42cd3b57b0a6 /epan | |
parent | 8cd89b3bace19919f193e27a9db7c9b157cbb2fb (diff) |
PKCS10: Enabling own dissection function for Attributes
The one in pkix1explicit might be broken, while it might have unexpected
side-effects to mess with that. Anyway, RFC 2986 defines the Attribute
sequence for PKCS10 directly.
Change-Id: I854b5b5fb83322a1302d011c9cd6f2d5c9fc2b78
Reviewed-on: https://code.wireshark.org/review/30585
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'epan')
-rw-r--r-- | epan/dissectors/asn1/pkcs10/PKCS10.asn | 10 | ||||
-rw-r--r-- | epan/dissectors/asn1/pkcs10/pkcs10.cnf | 6 | ||||
-rw-r--r-- | epan/dissectors/packet-pkcs10.c | 70 |
3 files changed, 82 insertions, 4 deletions
diff --git a/epan/dissectors/asn1/pkcs10/PKCS10.asn b/epan/dissectors/asn1/pkcs10/PKCS10.asn index 06dd133755..c63d6540f5 100644 --- a/epan/dissectors/asn1/pkcs10/PKCS10.asn +++ b/epan/dissectors/asn1/pkcs10/PKCS10.asn @@ -5,7 +5,7 @@ -- - commented out import from InformationFramework -- - commented out AlgorithmIdentifier -- - commented out SubjectPublicKeyInfo --- - commented out Attribute +-- - simplified Attribute -- - added out import the above from PKIX1Explicit88 -- -- The copyright statement from the original description in RFC2986 @@ -57,7 +57,7 @@ -- ADDED to avoid that it needs to be implemented here, and to have Name -- Directory Authentication Framework (X.509) - AlgorithmIdentifier, Name, SubjectPublicKeyInfo, Attribute + AlgorithmIdentifier, Name, SubjectPublicKeyInfo FROM PKIX1Explicit88 {iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit(18)} @@ -86,11 +86,15 @@ CRIAttributes ATTRIBUTE ::= { ... -- add any locally defined attributes here -- } --- COMMENTED OUT as not needed as imported from PKIX1Explicit88 +-- Simplified to make it easier to digest -- Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE { -- type ATTRIBUTE.&id({IOSet}), -- values SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{@type}) -- } + Attribute ::= SEQUENCE { + type OBJECT IDENTIFIER, + values SET SIZE (1 .. MAX) OF ANY + } CertificationRequest ::= SEQUENCE { certificationRequestInfo CertificationRequestInfo, diff --git a/epan/dissectors/asn1/pkcs10/pkcs10.cnf b/epan/dissectors/asn1/pkcs10/pkcs10.cnf index d0f7ff54a8..798589b3c0 100644 --- a/epan/dissectors/asn1/pkcs10/pkcs10.cnf +++ b/epan/dissectors/asn1/pkcs10/pkcs10.cnf @@ -18,4 +18,10 @@ CertificationRequest #.FIELD_RENAME +#.FN_PARS Attribute/type + FN_VARIANT = _str HF_INDEX = hf_pkcs10_type VAL_PTR = &actx->external.direct_reference + +#.FN_BODY Attribute/values/_item + offset=call_ber_oid_callback(actx->external.direct_reference, tvb, offset, actx->pinfo, tree, NULL); + #.END_OF_CNF diff --git a/epan/dissectors/packet-pkcs10.c b/epan/dissectors/packet-pkcs10.c index 5e85fc58a0..95cb962d3e 100644 --- a/epan/dissectors/packet-pkcs10.c +++ b/epan/dissectors/packet-pkcs10.c @@ -59,6 +59,9 @@ static int hf_pkcs10_subject = -1; /* Name */ static int hf_pkcs10_subjectPKInfo = -1; /* SubjectPublicKeyInfo */ static int hf_pkcs10_attributes = -1; /* Attributes */ static int hf_pkcs10_Attributes_item = -1; /* Attribute */ +static int hf_pkcs10_type = -1; /* T_type */ +static int hf_pkcs10_values = -1; /* T_values */ +static int hf_pkcs10_values_item = -1; /* T_values_item */ static int hf_pkcs10_certificationRequestInfo = -1; /* CertificationRequestInfo */ static int hf_pkcs10_signatureAlgorithm = -1; /* AlgorithmIdentifier */ static int hf_pkcs10_signature = -1; /* BIT_STRING */ @@ -72,6 +75,8 @@ static int hf_pkcs10_signature = -1; /* BIT_STRING */ #line 1 "./asn1/pkcs10/packet-pkcs10-ett.c" static gint ett_pkcs10_CertificationRequestInfo = -1; static gint ett_pkcs10_Attributes = -1; +static gint ett_pkcs10_Attribute = -1; +static gint ett_pkcs10_T_values = -1; static gint ett_pkcs10_CertificationRequest = -1; /*--- End of included file: packet-pkcs10-ett.c ---*/ @@ -95,8 +100,57 @@ dissect_pkcs10_T_version(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offse } + +static int +dissect_pkcs10_T_type(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_object_identifier_str(implicit_tag, actx, tree, tvb, offset, hf_pkcs10_type, &actx->external.direct_reference); + + return offset; +} + + + +static int +dissect_pkcs10_T_values_item(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { +#line 25 "./asn1/pkcs10/pkcs10.cnf" + offset=call_ber_oid_callback(actx->external.direct_reference, tvb, offset, actx->pinfo, tree, NULL); + + + + return offset; +} + + +static const ber_sequence_t T_values_set_of[1] = { + { &hf_pkcs10_values_item , BER_CLASS_ANY, 0, BER_FLAGS_NOOWNTAG, dissect_pkcs10_T_values_item }, +}; + +static int +dissect_pkcs10_T_values(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_set_of(implicit_tag, actx, tree, tvb, offset, + T_values_set_of, hf_index, ett_pkcs10_T_values); + + return offset; +} + + +static const ber_sequence_t Attribute_sequence[] = { + { &hf_pkcs10_type , BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_pkcs10_T_type }, + { &hf_pkcs10_values , BER_CLASS_UNI, BER_UNI_TAG_SET, BER_FLAGS_NOOWNTAG, dissect_pkcs10_T_values }, + { NULL, 0, 0, 0, NULL } +}; + +static int +dissect_pkcs10_Attribute(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset, + Attribute_sequence, hf_index, ett_pkcs10_Attribute); + + return offset; +} + + static const ber_sequence_t Attributes_set_of[1] = { - { &hf_pkcs10_Attributes_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_pkix1explicit_Attribute }, + { &hf_pkcs10_Attributes_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_pkcs10_Attribute }, }; static int @@ -197,6 +251,18 @@ void proto_register_pkcs10(void) { { "Attribute", "pkcs10.Attribute_element", FT_NONE, BASE_NONE, NULL, 0, NULL, HFILL }}, + { &hf_pkcs10_type, + { "type", "pkcs10.type", + FT_OID, BASE_NONE, NULL, 0, + NULL, HFILL }}, + { &hf_pkcs10_values, + { "values", "pkcs10.values", + FT_UINT32, BASE_DEC, NULL, 0, + NULL, HFILL }}, + { &hf_pkcs10_values_item, + { "values item", "pkcs10.values_item_element", + FT_NONE, BASE_NONE, NULL, 0, + NULL, HFILL }}, { &hf_pkcs10_certificationRequestInfo, { "certificationRequestInfo", "pkcs10.certificationRequestInfo_element", FT_NONE, BASE_NONE, NULL, 0, @@ -221,6 +287,8 @@ void proto_register_pkcs10(void) { #line 1 "./asn1/pkcs10/packet-pkcs10-ettarr.c" &ett_pkcs10_CertificationRequestInfo, &ett_pkcs10_Attributes, + &ett_pkcs10_Attribute, + &ett_pkcs10_T_values, &ett_pkcs10_CertificationRequest, /*--- End of included file: packet-pkcs10-ettarr.c ---*/ |