Wireshark · Ethereal-dev: Re: [Ethereal-dev] Question for packet-ber.c gurus

Ethereal-dev: Re: [Ethereal-dev] Question for packet-ber.c gurus

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Tomas Kukosa <tomas.kukosa@xxxxxxxxxxx>

Date: Mon, 03 May 2004 10:25:09 +0200

The EXPLICIT tags do not need any special handling as it is 'default' behaviour for theBER dissector (the BER dissector was created for Kerberos and it contains all valuestagged explicitly). But values tagged implicitly and without tag need special handling.


See below or into attached files for recommended structures.

(Attached files are only uncompileable code fragments from ASN2ETH compiler but it couldhelp you.)


  Regards,
    Tom

static ber_sequence Certificate_sequence[] = {

{ BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG,dissect_hf_rfc3280_tbsCertificate },{ BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG,dissect_hf_rfc3280_signatureAlgorithm },{ BER_CLASS_UNI, BER_UNI_TAG_BITSTRING, BER_FLAGS_NOOWNTAG,dissect_hf_rfc3280_signatureValue },

  { 0, 0, 0, NULL }
};

static ber_sequence TBSCertificate_sequence[] = {
  { BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_hf_rfc3280_version },

{ BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG,dissect_hf_rfc3280_serialNumber },

  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_hf_rfc3280_signature },
  { -1           , -1, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_hf_rfc3280_issuer },
  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_hf_rfc3280_validity },
  { -1           , -1, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_hf_rfc3280_subject },

{ BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG,dissect_hf_rfc3280_subjectPublicKeyInfo },{ BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL|BER_FLAGS_IMPLTAG,dissect_hf_rfc3280_issuerUniqueID_impl },{ BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL|BER_FLAGS_IMPLTAG,dissect_hf_rfc3280_subjectUniqueID_impl },

  { BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_hf_rfc3280_extensions },
  { 0, 0, 0, NULL }
};


Yaniv Kaul wrote:

I'm trying to add support for dissecting X.509 certificates to Ethereal(which can then be used in IKE, SSL, anything else that uses them).
(I know it's DER, not BER, but still).
I'm having a bit of a trouble with it, I suspect it's due to EXPLICIT tags.
 From RFC 3280:
Certificate  ::=  SEQUENCE  {
       tbsCertificate       TBSCertificate,
       signatureAlgorithm   AlgorithmIdentifier,
       signatureValue       BIT STRING  }

  TBSCertificate  ::=  SEQUENCE  {
       version         [0]  EXPLICIT Version DEFAULT v1,
       serialNumber         CertificateSerialNumber,


I tried creating and dissecting it through the following structures:
static ber_sequence Certificate_sequence[] = {
   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, 0, dissect_tbsCertificate },
{ BER_CLASS_UNI, BER_UNI_TAG_INTEGER, 0,dissect_TBSCertificate_serialNumber },
...

and
static ber_sequence TBSCertificate_sequence[1] = {
{ BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG,dissect_TBSCertificate_version }
};
and it seems to work - up to the point that it does not dissect theserial number - it hops over it.
Any ideas?

Do we have anything special for dissecting EXPLICIT tags?

Attached is my effort thus far.

TIA,
Y.

Attachment: rfc3280.ZIP
Description: Zip compressed data

Follow-Ups:
- Re: [Ethereal-dev] Question for packet-ber.c gurus
  - From: Ronnie Sahlberg

References:
- [Ethereal-dev] Question for packet-ber.c gurus
  - From: Yaniv Kaul

Prev by Date: Re: Re: [Ethereal-dev] How to add a new item in menu bar?
Next by Date: Re: [Ethereal-dev] enabling libethereal.dll with MSVC (update)
Previous by thread: Re: [Ethereal-dev] Question for packet-ber.c gurus
Next by thread: Re: [Ethereal-dev] Question for packet-ber.c gurus
Index(es):
- Date
- Thread