PKCS10: Enabling own dissection function for Attributes

The one in pkix1explicit might be broken, while it might have unexpected side-effects to mess with that. Anyway, RFC 2986 defines the Attribute sequence for PKCS10 directly. Change-Id: I854b5b5fb83322a1302d011c9cd6f2d5c9fc2b78 Reviewed-on: https://code.wireshark.org/review/30585 Petri-Dish: Anders Broman <a.broman58@gmail.com> Tested-by: Petri Dish Buildbot Reviewed-by: Anders Broman <a.broman58@gmail.com>
author: Martin Peylo <wireshark@izac.de> 2018-11-12 19:46:09 +0200
committer: Anders Broman <a.broman58@gmail.com> 2018-11-13 07:47:55 +0000
commit: 684d4c11a2816f7868aba4a8f57744adb9988705 (patch)
tree: 80acb7d975c99cbfe541b3a3a79c42cd3b57b0a6 /epan
parent: 8cd89b3bace19919f193e27a9db7c9b157cbb2fb (diff)
3 files changed, 82 insertions, 4 deletions
diff --git a/epan/dissectors/asn1/pkcs10/PKCS10.asn b/epan/dissectors/asn1/pkcs10/PKCS10.asn
index 06dd133755..c63d6540f5 100644
--- a/epan/dissectors/asn1/pkcs10/PKCS10.asn
+++ b/epan/dissectors/asn1/pkcs10/PKCS10.asn
@@ -5,7 +5,7 @@
 --   - commented out import from InformationFramework
 --   - commented out AlgorithmIdentifier
 --   - commented out SubjectPublicKeyInfo
---   - commented out Attribute
+--   - simplified Attribute
 --   - added out import the above from PKIX1Explicit88
 --
 -- The copyright statement from the original description in RFC2986
@@ -57,7 +57,7 @@
 
 -- ADDED to avoid that it needs to be implemented here, and to have Name
 -- Directory Authentication Framework (X.509)
-    AlgorithmIdentifier, Name, SubjectPublicKeyInfo, Attribute
+    AlgorithmIdentifier, Name, SubjectPublicKeyInfo
         FROM PKIX1Explicit88 {iso(1) identified-organization(3) dod(6)
         internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit(18)}
 
@@ -86,11 +86,15 @@
    CRIAttributes  ATTRIBUTE  ::= {
         ... -- add any locally defined attributes here -- }
 
--- COMMENTED OUT as not needed as imported from PKIX1Explicit88
+-- Simplified to make it easier to digest
 --    Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE {
 --       type   ATTRIBUTE.&id({IOSet}),
 --       values SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{@type})
 --    }
+    Attribute       ::=     SEQUENCE {
+      type            OBJECT IDENTIFIER,
+      values  SET SIZE (1 .. MAX) OF ANY
+    }
 
    CertificationRequest ::= SEQUENCE {
         certificationRequestInfo CertificationRequestInfo,
diff --git a/epan/dissectors/asn1/pkcs10/pkcs10.cnf b/epan/dissectors/asn1/pkcs10/pkcs10.cnf
index d0f7ff54a8..798589b3c0 100644
--- a/epan/dissectors/asn1/pkcs10/pkcs10.cnf
+++ b/epan/dissectors/asn1/pkcs10/pkcs10.cnf
@@ -18,4 +18,10 @@ CertificationRequest
 
 #.FIELD_RENAME
 
+#.FN_PARS Attribute/type
+  FN_VARIANT = _str  HF_INDEX = hf_pkcs10_type  VAL_PTR = &actx->external.direct_reference
+
+#.FN_BODY Attribute/values/_item
+    offset=call_ber_oid_callback(actx->external.direct_reference, tvb, offset, actx->pinfo, tree, NULL);
+
 #.END_OF_CNF
diff --git a/epan/dissectors/packet-pkcs10.c b/epan/dissectors/packet-pkcs10.c
index 5e85fc58a0..95cb962d3e 100644
--- a/epan/dissectors/packet-pkcs10.c
+++ b/epan/dissectors/packet-pkcs10.c
@@ -59,6 +59,9 @@ static int hf_pkcs10_subject = -1;                /* Name */
 static int hf_pkcs10_subjectPKInfo = -1;          /* SubjectPublicKeyInfo */
 static int hf_pkcs10_attributes = -1;             /* Attributes */
 static int hf_pkcs10_Attributes_item = -1;        /* Attribute */
+static int hf_pkcs10_type = -1;                   /* T_type */
+static int hf_pkcs10_values = -1;                 /* T_values */
+static int hf_pkcs10_values_item = -1;            /* T_values_item */
 static int hf_pkcs10_certificationRequestInfo = -1;  /* CertificationRequestInfo */
 static int hf_pkcs10_signatureAlgorithm = -1;     /* AlgorithmIdentifier */
 static int hf_pkcs10_signature = -1;              /* BIT_STRING */
@@ -72,6 +75,8 @@ static int hf_pkcs10_signature = -1;              /* BIT_STRING */
 #line 1 "./asn1/pkcs10/packet-pkcs10-ett.c"
 static gint ett_pkcs10_CertificationRequestInfo = -1;
 static gint ett_pkcs10_Attributes = -1;
+static gint ett_pkcs10_Attribute = -1;
+static gint ett_pkcs10_T_values = -1;
 static gint ett_pkcs10_CertificationRequest = -1;
 
 /*--- End of included file: packet-pkcs10-ett.c ---*/
@@ -95,8 +100,57 @@ dissect_pkcs10_T_version(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offse
 }
 
 
+
+static int
+dissect_pkcs10_T_type(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
+  offset = dissect_ber_object_identifier_str(implicit_tag, actx, tree, tvb, offset, hf_pkcs10_type, &actx->external.direct_reference);
+
+  return offset;
+}
+
+
+
+static int
+dissect_pkcs10_T_values_item(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
+#line 25 "./asn1/pkcs10/pkcs10.cnf"
+    offset=call_ber_oid_callback(actx->external.direct_reference, tvb, offset, actx->pinfo, tree, NULL);
+
+
+
+  return offset;
+}
+
+
+static const ber_sequence_t T_values_set_of[1] = {
+  { &hf_pkcs10_values_item  , BER_CLASS_ANY, 0, BER_FLAGS_NOOWNTAG, dissect_pkcs10_T_values_item },
+};
+
+static int
+dissect_pkcs10_T_values(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
+  offset = dissect_ber_set_of(implicit_tag, actx, tree, tvb, offset,
+                                 T_values_set_of, hf_index, ett_pkcs10_T_values);
+
+  return offset;
+}
+
+
+static const ber_sequence_t Attribute_sequence[] = {
+  { &hf_pkcs10_type         , BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_pkcs10_T_type },
+  { &hf_pkcs10_values       , BER_CLASS_UNI, BER_UNI_TAG_SET, BER_FLAGS_NOOWNTAG, dissect_pkcs10_T_values },
+  { NULL, 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkcs10_Attribute(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
+  offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
+                                   Attribute_sequence, hf_index, ett_pkcs10_Attribute);
+
+  return offset;
+}
+
+
 static const ber_sequence_t Attributes_set_of[1] = {
-  { &hf_pkcs10_Attributes_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_pkix1explicit_Attribute },
+  { &hf_pkcs10_Attributes_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_pkcs10_Attribute },
 };
 
 static int
@@ -197,6 +251,18 @@ void proto_register_pkcs10(void) {
       { "Attribute", "pkcs10.Attribute_element",
         FT_NONE, BASE_NONE, NULL, 0,
         NULL, HFILL }},
+    { &hf_pkcs10_type,
+      { "type", "pkcs10.type",
+        FT_OID, BASE_NONE, NULL, 0,
+        NULL, HFILL }},
+    { &hf_pkcs10_values,
+      { "values", "pkcs10.values",
+        FT_UINT32, BASE_DEC, NULL, 0,
+        NULL, HFILL }},
+    { &hf_pkcs10_values_item,
+      { "values item", "pkcs10.values_item_element",
+        FT_NONE, BASE_NONE, NULL, 0,
+        NULL, HFILL }},
     { &hf_pkcs10_certificationRequestInfo,
       { "certificationRequestInfo", "pkcs10.certificationRequestInfo_element",
         FT_NONE, BASE_NONE, NULL, 0,
@@ -221,6 +287,8 @@ void proto_register_pkcs10(void) {
 #line 1 "./asn1/pkcs10/packet-pkcs10-ettarr.c"
     &ett_pkcs10_CertificationRequestInfo,
     &ett_pkcs10_Attributes,
+    &ett_pkcs10_Attribute,
+    &ett_pkcs10_T_values,
     &ett_pkcs10_CertificationRequest,
 
 /*--- End of included file: packet-pkcs10-ettarr.c ---*/
author	Martin Peylo <wireshark@izac.de>	2018-11-12 19:46:09 +0200
committer	Anders Broman <a.broman58@gmail.com>	2018-11-13 07:47:55 +0000
commit	684d4c11a2816f7868aba4a8f57744adb9988705 (patch)
tree	80acb7d975c99cbfe541b3a3a79c42cd3b57b0a6 /epan
parent	8cd89b3bace19919f193e27a9db7c9b157cbb2fb (diff)