["Ronnie Sahlberg" <ronnie_sahlberg@xxxxxxxxxxxxxx>]

Great stuff.

Any news about the updated h235 machinegenerated dissector?

If not, I can hack up a temporary fix to dissect those missing constructs in
the current handwritten one
so that Michael Oliveras can run his captures through ethereal.

----- Original Message ----- 
From: "Tomas Kukosa"
Sent: Monday, May 03, 2004 6:25 PM
Subject: Re: [Ethereal-dev] Question for packet-ber.c gurus


> The EXPLICIT tags do not need any special handling as it is 'default'
behaviour for the
> BER dissector (the BER dissector was created for Kerberos and it contains
all values
> tagged explicitly). But values tagged implicitly and without tag need
special handling.
>
> See below or into attached files for recommended structures.
> (Attached files are only uncompileable code fragments from ASN2ETH
compiler but it could
> help you.)
>
>    Regards,
>      Tom
>
> static ber_sequence Certificate_sequence[] = {
>    { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG,
> dissect_hf_rfc3280_tbsCertificate },
>    { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG,
> dissect_hf_rfc3280_signatureAlgorithm },
>    { BER_CLASS_UNI, BER_UNI_TAG_BITSTRING, BER_FLAGS_NOOWNTAG,
> dissect_hf_rfc3280_signatureValue },
>    { 0, 0, 0, NULL }
> };
>
> static ber_sequence TBSCertificate_sequence[] = {
>    { BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_hf_rfc3280_version },
>    { BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG,
> dissect_hf_rfc3280_serialNumber },
>    { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG,
dissect_hf_rfc3280_signature },
>    { -1           , -1, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG,
dissect_hf_rfc3280_issuer },
>    { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG,
dissect_hf_rfc3280_validity },
>    { -1           , -1, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG,
dissect_hf_rfc3280_subject },
>    { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG,
> dissect_hf_rfc3280_subjectPublicKeyInfo },
>    { BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL|BER_FLAGS_IMPLTAG,
> dissect_hf_rfc3280_issuerUniqueID_impl },
>    { BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL|BER_FLAGS_IMPLTAG,
> dissect_hf_rfc3280_subjectUniqueID_impl },
>    { BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL,
dissect_hf_rfc3280_extensions },
>    { 0, 0, 0, NULL }
> };
>
>
> Yaniv Kaul wrote:
> > I'm trying to add support for dissecting X.509 certificates to Ethereal
> > (which can then be used in IKE, SSL, anything else that uses them).
> > (I know it's DER, not BER, but still).
> > I'm having a bit of a trouble with it, I suspect it's due to EXPLICIT
tags.
> >  From RFC 3280:
> > Certificate  ::=  SEQUENCE  {
> >        tbsCertificate       TBSCertificate,
> >        signatureAlgorithm   AlgorithmIdentifier,
> >        signatureValue       BIT STRING  }
> >
> >   TBSCertificate  ::=  SEQUENCE  {
> >        version         [0]  EXPLICIT Version DEFAULT v1,
> >        serialNumber         CertificateSerialNumber,
> >
> >
> > I tried creating and dissecting it through the following structures:
> > static ber_sequence Certificate_sequence[] = {
> >    { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, 0, dissect_tbsCertificate },
> >    { BER_CLASS_UNI, BER_UNI_TAG_INTEGER, 0,
> > dissect_TBSCertificate_serialNumber },
> > ...
> >
> > and
> > static ber_sequence TBSCertificate_sequence[1] = {
> >    { BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG,
> > dissect_TBSCertificate_version }
> > };
> >
> > and it seems to work - up to the point that it does not dissect the
> > serial number - it hops over it.
> > Any ideas?
> >
> > Do we have anything special for dissecting EXPLICIT tags?
> >
> > Attached is my effort thus far.
> >
> > TIA,
> > Y.
> >
> >
>


----------------------------------------------------------------------------
----


> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev
>