diff options
author | Martin Kaiser <wireshark@kaiser.cx> | 2023-09-10 17:00:53 +0000 |
---|---|---|
committer | AndersBroman <a.broman58@gmail.com> | 2023-09-10 17:00:53 +0000 |
commit | 9243189bd53a072c31dcaffd33d1f56c1c1d9e6e (patch) | |
tree | ec4eac76bf5709c2deddfcf8d13afa0b2d05bd06 /epan | |
parent | 023592c4024531452e40c2014be195f8081899cd (diff) |
x509ce: dissect CI+ security level extension
Diffstat (limited to 'epan')
-rw-r--r-- | epan/dissectors/asn1/x509ce/CertificateExtensionsCiplus.asn | 10 | ||||
-rw-r--r-- | epan/dissectors/asn1/x509ce/packet-x509ce-template.c | 5 | ||||
-rw-r--r-- | epan/dissectors/asn1/x509ce/x509ce.cnf | 2 | ||||
-rw-r--r-- | epan/dissectors/packet-x509ce.c | 27 | ||||
-rw-r--r-- | epan/dissectors/packet-x509ce.h | 1 |
5 files changed, 43 insertions, 2 deletions
diff --git a/epan/dissectors/asn1/x509ce/CertificateExtensionsCiplus.asn b/epan/dissectors/asn1/x509ce/CertificateExtensionsCiplus.asn index 00c024b5d6..9f824c8e82 100644 --- a/epan/dissectors/asn1/x509ce/CertificateExtensionsCiplus.asn +++ b/epan/dissectors/asn1/x509ce/CertificateExtensionsCiplus.asn @@ -38,9 +38,19 @@ cicamBrandId EXTENSION ::= { CicamBrandId ::= INTEGER(1..65535) + +securityLevel EXTENSION ::= { + SYNTAX SecurityLevel + IDENTIFIED BY id-pe-securityLevel +} + +SecurityLevel ::= INTEGER (0..MAX) + + -- Object identifier assignments id-pe-scramblerCapabilities OBJECT IDENTIFIER ::= { id-pkix id-pe(1) 25 } id-pe-ciplusInfo OBJECT IDENTIFIER ::= { id-pkix id-pe(1) 26 } id-pe-cicamBrandId OBJECT IDENTIFIER ::= { id-pkix id-pe(1) 27 } +id-pe-securityLevel OBJECT IDENTIFIER ::= { id-pkix id-pe(1) 50 } END diff --git a/epan/dissectors/asn1/x509ce/packet-x509ce-template.c b/epan/dissectors/asn1/x509ce/packet-x509ce-template.c index 7c6e8cd1cc..e722e66b15 100644 --- a/epan/dissectors/asn1/x509ce/packet-x509ce-template.c +++ b/epan/dissectors/asn1/x509ce/packet-x509ce-template.c @@ -49,7 +49,7 @@ static int hf_x509ce_IPAddress_ipv6 = -1; void x509ce_enable_ciplus(void) { - dissector_handle_t dh25, dh26, dh27; + dissector_handle_t dh25, dh26, dh27, dh50; dh25 = create_dissector_handle(dissect_ScramblerCapabilities_PDU, proto_x509ce); dissector_change_string("ber.oid", "1.3.6.1.5.5.7.1.25", dh25); @@ -57,6 +57,8 @@ x509ce_enable_ciplus(void) dissector_change_string("ber.oid", "1.3.6.1.5.5.7.1.26", dh26); dh27 = create_dissector_handle(dissect_CicamBrandId_PDU, proto_x509ce); dissector_change_string("ber.oid", "1.3.6.1.5.5.7.1.27", dh27); + dh50 = create_dissector_handle(dissect_SecurityLevel_PDU, proto_x509ce); + dissector_change_string("ber.oid", "1.3.6.1.5.5.7.1.50", dh50); } void @@ -65,6 +67,7 @@ x509ce_disable_ciplus(void) dissector_reset_string("ber.oid", "1.3.6.1.5.5.7.1.25"); dissector_reset_string("ber.oid", "1.3.6.1.5.5.7.1.26"); dissector_reset_string("ber.oid", "1.3.6.1.5.5.7.1.27"); + dissector_reset_string("ber.oid", "1.3.6.1.5.5.7.1.50"); } diff --git a/epan/dissectors/asn1/x509ce/x509ce.cnf b/epan/dissectors/asn1/x509ce/x509ce.cnf index c92be35c57..242d136d2a 100644 --- a/epan/dissectors/asn1/x509ce/x509ce.cnf +++ b/epan/dissectors/asn1/x509ce/x509ce.cnf @@ -88,11 +88,13 @@ SubjectKeyIdentifier ScramblerCapabilities CiplusInfo CicamBrandId +SecurityLevel #.PDU ScramblerCapabilities CiplusInfo CicamBrandId +SecurityLevel #.REGISTER diff --git a/epan/dissectors/packet-x509ce.c b/epan/dissectors/packet-x509ce.c index 4c0d327212..cd53fc1f26 100644 --- a/epan/dissectors/packet-x509ce.c +++ b/epan/dissectors/packet-x509ce.c @@ -84,6 +84,7 @@ static int hf_x509ce_NFTypes_PDU = -1; /* NFTypes */ static int hf_x509ce_ScramblerCapabilities_PDU = -1; /* ScramblerCapabilities */ static int hf_x509ce_CiplusInfo_PDU = -1; /* CiplusInfo */ static int hf_x509ce_CicamBrandId_PDU = -1; /* CicamBrandId */ +static int hf_x509ce_SecurityLevel_PDU = -1; /* SecurityLevel */ static int hf_x509ce_keyIdentifier = -1; /* KeyIdentifier */ static int hf_x509ce_authorityCertIssuer = -1; /* GeneralNames */ static int hf_x509ce_authorityCertSerialNumber = -1; /* CertificateSerialNumber */ @@ -1717,6 +1718,16 @@ dissect_x509ce_CicamBrandId(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset return offset; } + + +int +dissect_x509ce_SecurityLevel(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_integer64(implicit_tag, actx, tree, tvb, offset, hf_index, + NULL); + + return offset; +} + /*--- PDUs ---*/ static int dissect_AuthorityKeyIdentifier_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) { @@ -2020,6 +2031,13 @@ static int dissect_CicamBrandId_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, p offset = dissect_x509ce_CicamBrandId(FALSE, tvb, offset, &asn1_ctx, tree, hf_x509ce_CicamBrandId_PDU); return offset; } +static int dissect_SecurityLevel_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) { + int offset = 0; + asn1_ctx_t asn1_ctx; + asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo); + offset = dissect_x509ce_SecurityLevel(FALSE, tvb, offset, &asn1_ctx, tree, hf_x509ce_SecurityLevel_PDU); + return offset; +} /* CI+ (www.ci-plus.com) defines some X.509 certificate extensions @@ -2029,7 +2047,7 @@ static int dissect_CicamBrandId_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, p void x509ce_enable_ciplus(void) { - dissector_handle_t dh25, dh26, dh27; + dissector_handle_t dh25, dh26, dh27, dh50; dh25 = create_dissector_handle(dissect_ScramblerCapabilities_PDU, proto_x509ce); dissector_change_string("ber.oid", "1.3.6.1.5.5.7.1.25", dh25); @@ -2037,6 +2055,8 @@ x509ce_enable_ciplus(void) dissector_change_string("ber.oid", "1.3.6.1.5.5.7.1.26", dh26); dh27 = create_dissector_handle(dissect_CicamBrandId_PDU, proto_x509ce); dissector_change_string("ber.oid", "1.3.6.1.5.5.7.1.27", dh27); + dh50 = create_dissector_handle(dissect_SecurityLevel_PDU, proto_x509ce); + dissector_change_string("ber.oid", "1.3.6.1.5.5.7.1.50", dh50); } void @@ -2045,6 +2065,7 @@ x509ce_disable_ciplus(void) dissector_reset_string("ber.oid", "1.3.6.1.5.5.7.1.25"); dissector_reset_string("ber.oid", "1.3.6.1.5.5.7.1.26"); dissector_reset_string("ber.oid", "1.3.6.1.5.5.7.1.27"); + dissector_reset_string("ber.oid", "1.3.6.1.5.5.7.1.50"); } @@ -2260,6 +2281,10 @@ void proto_register_x509ce(void) { { "CicamBrandId", "x509ce.CicamBrandId", FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL }}, + { &hf_x509ce_SecurityLevel_PDU, + { "SecurityLevel", "x509ce.SecurityLevel", + FT_UINT64, BASE_DEC, NULL, 0, + NULL, HFILL }}, { &hf_x509ce_keyIdentifier, { "keyIdentifier", "x509ce.keyIdentifier", FT_BYTES, BASE_NONE, NULL, 0, diff --git a/epan/dissectors/packet-x509ce.h b/epan/dissectors/packet-x509ce.h index 0718bbdc35..7e7d67970e 100644 --- a/epan/dissectors/packet-x509ce.h +++ b/epan/dissectors/packet-x509ce.h @@ -78,6 +78,7 @@ int dissect_x509ce_PkiPathMatchSyntax(bool implicit_tag _U_, tvbuff_t *tvb _U_, int dissect_x509ce_ScramblerCapabilities(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_); int dissect_x509ce_CiplusInfo(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_); int dissect_x509ce_CicamBrandId(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_); +int dissect_x509ce_SecurityLevel(bool implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_); void x509ce_enable_ciplus(void); void x509ce_disable_ciplus(void); |